← Back to feed
AS9198 JSC Kazakhtelecom
ASN Active mediumWhy this campaign was detected
6 IPs from the same network (JSC Kazakhtelecom, AS9198) were active during overlapping time periods. Temporal correlation across a shared autonomous system suggests infrastructure controlled by the same entity.
Primary ASN
AS9198 · JSC Kazakhtelecom
Subnet
—
Country
🇰🇿 KZ
Cloud Provider
—
Member Count
6 IPs
Below average
Total Events
1646
Below average by volume
Started / Ended
2026-02-25 17:28 — ongoing
Attack Types
MITRE ATT&CK Techniques
Initial Access
Member Actors
| IP Address | Behavior | Confidence | Flags | Events | Agents | Attack Types | Hostname | Last Seen | |
|---|---|---|---|---|---|---|---|---|---|
| 95.58.255.251 | credential_harvester | 79% | 1x OSINT | 1125 | 3 | ssh:bruteforce | 95.58.255.251.static.telecom.kz | 2026-06-16 05:29 | evidence → |
| 2.135.146.53 | credential_harvester | 57% | 1x OSINT | 292 | 1 | ssh:bruteforce | — | 2026-06-17 14:40 | evidence → |
| 92.47.46.174 | credential_harvester | 53% | 1x OSINT | 64 | 2 | ssh:bruteforce | — | 2026-06-12 20:53 | evidence → |
| 2.134.15.12 | malware_dropper | 47% | 1x OSINT | 23 | 1 | ssh:bruteforce | — | 2026-06-15 11:39 | evidence → |
| 82.200.235.138 | reconnaissance | 38% | 1x OSINT | 128 | 1 | ssh:bruteforce | — | 2026-06-14 06:43 | evidence → |
| 178.88.167.38 | scanner | 29% | 6 | 1 | ssh:bruteforce | — | 2026-06-17 09:09 | evidence → |
VPN Known VPN or proxy provider
DROP ASN on Spamhaus DROP list
Nx OSINT Corroborated by N external threat feeds