FortiGuard Threat Report Daily Monthly

Region: Global Asia-Pacific North & South America Europe, Middle-East and Africa Oceania


1 Tiny.Botnet 0.6%
2 Zeus.Botnet 0.12%
3 Conficker.Botnet 0.1%
4 Dorkbot.Botnet 0.09%
5 H-worm.Botnet 0.08%
6 Necurs.Botnet 0.07%
7 Andromeda.Botnet 0.06%
8 Orbit.Downloader.DDoS 0.04%
9 Lethic.Botnet 0.04%
10 Jeefo.Botnet 0.04%

Global Botnet Infections

This map is based on statistics collected from FortiGate devices around the world. Data is updated every hour from FortiGuard labs' central servers.


Customers who use Fortinet's FortiGuard Subscription Services should already be protected against the threats outlined in this report with the appropriate configuration parameters in place. Threat activity is compiled by Fortinet's FortiGuard Labs using data gathered from its intelligence systems and FortiGate™ multi-threat security appliances in production worldwide. FortiGuard Subscription Services offer comprehensive security solutions including antivirus, intrusion prevention, Web content filtering and antispam capabilities.

These services enable protection against threats on both application and network layers. FortiGuard Services are continuously updated, which enables Fortinet to deliver a combination of multi-layered security intelligence and true zero-day protection from new and emerging threats.These updates are delivered to all FortiGate, FortiMail and FortiClient products.


1 All detections are ranked by Incidence. Incidence is a percentage which measures the movement of threats within a given time period, by observing how many new report locations a given threat has in comparison to the last report cycle. Thus, a threat with high incidence means that the threat has only recently emerged in many locations. To visually view this data, click the link for any detection for a pop-up window with interactive data. The stacked chart will display how many new instances (red) vs. already known instances (blue) were observed on a given day. The DB column indicates the latest database version in which the listed detection has been included / modified in. IPS detections are based on signatures that are rated either "high" or "critical" severity, are set to block by default, and have been modified by FortiGuard Labs within the past two years. Malware / IPS / Applications and Botnet signatures listed are all available through manual download, or push/pull methods from Fortinet's Distribution Network.

2 Filtered Malicious Domains lists the most prevalent top level domains observed in spam emails, ranked by Incidence1. Two types of spam data are available for selection via the radio button. Spam Recipient data shows daily spam rate and geographic hot spots in terms of rate. Spam rate is calculated by directly comparing the number of spam email to total email. Spammer data can also be shown, with daily data on the volume of unique spamming IP addresses. Geographic hot spots for these spamming IP's are also shown. Often times, a spamming IP will be a legitimate machine which has been compromised and is sending spam (known as a spambot).