Malicious Infrastructure Finds Stability with aurologic GmbH

Insikt Group’s report finds that German upstream provider aurologic GmbH has become a central enabler of high-risk hosting networks, repeatedly providing transit to suspected threat activity enablers (TAEs) — including Aeza Group, Railnet, Femo IT Solutions, and Global-Data System — which host large volumes of malware command-and-control infrastructure and support cybercrime and disinformation campaigns; the report documents routing evidence, sanctions and arrests tied to downstream actors, and highlights systemic gaps between legal neutrality and operational responsibility in upstream abuse mitigation, recommending intelligence-driven blocking and stronger operational controls.