A total of 41,181 distinct IP addresses were identified as the source of the attacks, and they were located in China, Pakistan, and Vietnam.
The majority of the systems the attackers targeted were those with internet access, including remote desktop protocol (RDP), susceptible server message blocks (SMB), database services, and outdated Windows server architectures.