Critical Threat
IP 113.177.23.213 is a critical-risk address operating from Vietnam (AS45899, VNPT Corp) with a threat level of 10/10, based on 251 abuse reports and a 94% confidence score, indicating sustained and aggressive unauthorized access attempts targeting exposed services.
Automated honeypot sensors recorded 20 distinct detection events during May 2026, establishing a concentrated activity window with an activity frequency rating of 8/10. The volume and consistency of reports from multiple sensor nodes substantiate the high-confidence attribution, confirming this as a persistent rather than transient threat actor. Network attribution points to Vietnam's state-owned telecommunications provider VNPT Corp, whose infrastructure has been utilized for the attack campaign.
General hacking activity encompasses a broad spectrum of intrusion methodologies, including vulnerability exploitation, credential-based attacks, and unauthorized access attempts. Detection logs revealed an established SSH session on an expected port, suggesting the attacker successfully authenticated or was actively attempting authentication against exposed SSH services. Such activity poses significant risk to unpatched or misconfigured servers, potentially enabling complete system compromise, lateral movement, and data exfiltration.
Defensive measures should include immediately blocking the IP at the firewall, deploying fail2ban or an equivalent rate-limiting solution to throttle brute-force attempts, and enforcing key-based SSH authentication to eliminate credential-guessing vectors. Organizations should keep systems current with security patches, deploy intrusion detection systems to monitor for suspicious session establishment, and follow security best practices, including the use of non-default ports and least-privilege access controls.