Maximum Danger
IP 80.66.83.43 is a high-risk address originating from Russia that has been linked to sustained, high-volume hacking activity, with 1,939 abuse reports filed against it over a four-month window and a perfect threat score of 10 out of 10. The address, registered to individual operator Bashinskii Vadim Ruslanovich under ASN AS216473, presents a severe risk to any exposed network services.
Automated honeypot sensors across multiple monitoring points logged the full 1,939 reports between February and June 2026, yielding a confidence score of 93 percent for malicious activity attribution. The activity frequency rating of 8 out of 10 indicates this is not an isolated incident but rather persistent, ongoing reconnaissance and intrusion attempts. All 20 most recent threat-category reports specifically classified the activity as hacking, confirming a deliberate focus on unauthorized access and vulnerability exploitation rather than opportunistic noise.
The detected attack patterns reveal TCP stream manipulation techniques. Suricata intrusion-detection systems flagged "broken ack" packets, which are commonly used by threat actors to evade stateful firewall inspection and disrupt legitimate connection-state tracking. Combined with generic "attack connection" signatures, this indicates the operator is employing sophisticated methods to probe and compromise target systems, making this IP particularly dangerous to exposed services such as SSH, RDP or any authentication portal.
Administrators should block IP 80.66.83.43 at the network perimeter firewall immediately and implement deny-by-default access controls. Deploying tools such as fail2ban or equivalent rate-limiting solutions can automatically block repeated connection attempts. Ensuring all exposed services are fully patched, enforcing strong authentication mechanisms, and monitoring IDS alerts for anomalous TCP behavior will further reduce exposure to this threat actor's techniques.