Russia (RU) Threat Intelligence

RU

Russia has 112,442 malicious IP addresses with 2,574,204 abuse reports. Top threat categories include suspicious activity, severe abuse, professional threat, ssh bruteforce, moderate threat. Top attacking networks: Rostelecom (10,174 IPs), Biterika Group LLC (5,479 IPs), JSC Selectel (4,993 IPs). Data collected since 2022-08-23, last activity 2026-04-06.

Threat Assessment: Russia is one of the most significant sources of cyber threats globally, with an exceptionally high volume of malicious IP addresses. The dominant attack types are suspicious activity, severe abuse, professional threat. The majority of threats originate from networks operated by Rostelecom and Biterika Group LLC.

Total Reports
2,574,204
Unique IPs
112,442
First Seen
2022-08-23
Last Activity
2026-04-06

Top Threat Categories

Suspicious Activity 103,142
Severe Abuse 28,860
Professional Threat 20,377
Ssh Bruteforce 11,135
Moderate Threat 9,155

Top Attacking Networks

AS12389 Rostelecom
10,174 IPs
AS35048 Biterika Group LLC
5,479 IPs
AS49505 JSC Selectel
4,993 IPs

Most Reported IPs in Russia

45.135.232.92 3,214 reports
45.140.17.124 2,394 reports
176.120.22.13 2,302 reports
176.120.22.47 1,403 reports
45.135.232.177 872 reports

Access this data via API

Get Russia threat intelligence programmatically.

curl https://ip.wayscloud.services/api/country/RU

View full API documentation

See how we classify and verify threats →

Check any IP from Russia

Look up threat intelligence for a specific IP address.

Related: Country Threat Ranking Country Risk Trends → Top Malicious IPs → AS12389 Intelligence AS35048 Intelligence AS49505 Intelligence Global Attack Trends Detect Malicious Traffic

Loading threat intelligence data...