Critical Alert
IP 88.80.148.91, operated by Belcloud LTD in Bulgaria (AS44901), is a critical-risk address tied to IoT-targeted exploitation activity, generating 773 abuse reports with a maximum 10/10 threat score and 94% confidence based on automated honeypot detection during April 2026.
The overwhelming majority of recent reports—20 from automated honeypot sensors alone—specifically document IoT-targeted scanning and exploitation attempts originating from this address, indicating systematic probing of internet-connected devices with weak or default security configurations. The sustained volume of reports over the April 2026 timeframe demonstrates persistent, repeated engagement rather than isolated probes, while the high confidence score confirms the activity is reliably attributed to this specific source.
IoT-targeted attacks exploit weak security controls in smart devices, routers, cameras, and other connected hardware through credential guessing, unpatched vulnerabilities, and exposed management interfaces. Successful compromise typically results in device recruitment into botnets, weaponization for distributed denial-of-service campaigns, or lateral movement into broader network infrastructure. The 10/10 threat rating reflects the severe real-world risk this activity poses to any exposed IoT or ICS environments lacking proper hardening.
Site operators should immediately isolate IoT devices on dedicated network segments separated from critical infrastructure by firewalls or VLANs, replace all default credentials with strong unique passwords, ensure firmware is current across all connected hardware, and disable unnecessary services such as UPnP to reduce attack surface. Deploying tools like fail2ban or equivalent intrusion-prevention systems can automatically block repeated connection attempts from this source. Continuous monitoring of device behaviour and network logs will enable early detection of similar reconnaissance or exploitation activity.
CY 
RO 
FR 
SE 
TR