One in five botnets are hosted in North America, making it the most desirable place for hackers, according to research from Level 3.
According to Level 3's Safeguarding the Internet report, 20 percent of botnets' command and control servers (C2) are located in the US.
"An average of 20 percent of the C2s we tracked were based in North America with a nearly equal amount launching from the Ukraine and Russia combined," read the report.
Western Europe and the UK contributed another 12 percent of C2 traffic while Latin America accounted for mere two percent.
The researchers said hackers' interest in the US is likely due to its reliable infrastructure.
"The United States has a wealth of infrastructure that lends itself to attack execution," read the paper.
"Its proximity to valuable targets at home and abroad makes the United States a highly desirable location for criminals to establish a well-connected and stable control point."
Despite being the most popular hosting spot the US was not the primary botnet victim during Q1.
"In the first quarter of 2015, Norway received the most victim traffic across the globe. This may seem surprising both from a global and regional perspective," read the paper.
"We see an over-balance of Nordic botnet communications with C2s - 22 percent of the global average of victim traffic. By comparison, UK victims comprised two percent and southern Europe comprised 11 percent of the global average."
The researchers said the figures are troubling as criminals are using the botnets for a variety of illegal activities.
"Every day, our security team monitors approximately 1.3 billion security events and mitigates roughly 22 distributed denial of service (DDoS) attacks," read the report.
"Out of the more than 1,000 C2s we tracked during the first quarter of 2015, we found over 600 being used for malicious communications targeting corporate environments.
"Left unchecked, these C2s have the potential to disrupt business and destroy critical information assets."
The Level 3 research follows efforts by law enforcement to tackle the botnet threat.
Law enforcement agencies across the globe, including the UK National Crime Agency (NCA), launched a coordinated sting operation that temporarily shut down the Gameover Zeus botnet in June 2014.
FBI briefing US companies to dump Kaspersky, claiming intelligence prove it a 'threat to national security'
Kaspersky rejects FBI accusations that its products are a 'threat to national security'
But breached contractor says that it simply didn't have that much data
EE follows Three in threatening legal action against Ofcom - but for entirely different reasons
The One X is already sold out at several retailers