Critical Alert
IP 88.80.148.108, registered in Bulgaria and operated by Belcloud LTD (AS44901), presents a maximum threat level of 10/10 based on 722 independent abuse reports submitted through automated honeypot sensors, indicating sustained and aggressive scanning activity targeting Internet of Things infrastructure.
The IP has accumulated its substantial report volume within a concentrated timeframe during April 2026, with 20 of those reports specifically categorising the activity as IoT-targeted attacks detected by automated honeypot sensors. The 94% confidence score and moderate activity frequency of 5/10 suggest consistent, methodical probing rather than opportunistic burst activity. The Autonomous System belongs to a Bulgarian hosting provider, and the persistent focus on IoT and industrial control systems suggests a deliberate campaign to identify and compromise connected devices with known vulnerabilities.
IoT-targeted attacks exploit weak security controls in smart devices, routers, cameras, and industrial control systems that are often deployed with default credentials, unpatched firmware, or exposed management interfaces. An IP with this threat profile actively scans for such misconfigured devices, creating significant risk for any exposed IoT infrastructure on networks reachable from this source. The volume and consistency of reports indicate this is not experimental probing but sustained exploitation preparation.
Network operators should immediately block 88.80.148.108 at the perimeter firewall, implement fail2ban or similar dynamic blocking tools, and audit IoT device exposure to ensure default credentials are changed and management interfaces are not internet-accessible. Segmenting IoT networks from critical infrastructure and disabling universal plug-and-play on consumer devices significantly reduces the attack surface available to this threat source.
CY 
RO 
FR 
SE 
TR