CyberBunker 2.0 was shut down by police in Germany in September 2019. SANS Technology Institute analyzed traffic from more than 7,000 unique IP addresses. The analysis showed that Brazil is a top source and destination of packets received by the SANS honeypot. The data also had to be sampled due to the sheer size of the data, the report says. The research was part of a master’s thesis by Karim Lalji, a managing security consultant at Canadian telecommunications firm TELUS.”]
Source: https://www.darkreading.com/attacks-breaches/cybercrime-infrastructure-never-really-dies