This is a dataset containing a country-level breakdown of infected and Exposed IoT devices detected through sinkholes, honeypots and darknets operated by The Shadowserver Foundation and its partners. The data is grouped by IoT related threats. In some cases a vulnerability id is provided as a threat name - this is for cases when an IP was seen attempting to exploit an IoT related vulnerability by a honeypot, but no threat related information was acquired. This dataset was created as part of the EU CEF VARIoT project https://variot.eu