Botnet activity increase

A botnet is a collection of internet-connected devices, each running a single bot or a series of bots. Distributed denial-of-service (DDoS) attacks, crypto mining and click fraud are common activities carried out by botnets to enable adversaries to access a device. Attackers use command-and-control (C&C) software to control the devices.

Nearly all malware families use botnets for command-and-control (C&C) communications. With the growth in malware families and variants, it was to be expected that botnet activity would increase as well.

  • The number of “active days” increased. Researchers measure this as the time between when botnet activity was first detected by their sensors and when the botnet stopped communicating.

  • The time between running C&Cs, if detected, has decreased, thanks to the use of attack infrastructure as code (IaC).

Current