Permission to quote from or reproduce Spamhaus News articles is granted automatically providing you state the source as Spamhaus and link to the news record.
|
|
 |
2022-01-20 UTC |
|
Q4 saw a 23% rise in the number of new botnet command and controllers (C&Cs) identified by our research team. Despite this increase, our researchers are aware of botnet C&C activity they cannot track due to communications being made via DNS over HTTPS (DoH). This is worrying and certainly tilts the scales in the... (>) |
|
|
2021-10-14 UTC |
|
Q3 has seen a massive 82% rise in the number of new botnet command and controllers (C&Cs) identified by our research team. They have observed an explosion in the use of backdoor malware with nefarious operators hiding behind FastFlux. In turn, this has caused several new countries and service providers to be... (>) |
|
|
2021-07-13 UTC |
| This quarter, the Spamhaus researchers have observed a 12% reduction in newly observed botnet command and controllers (C&Cs), which is good news.... (>) |
|
|
2021-04-15 UTC |
| After a quiet(ish) end to 2020 in Spamhaus’ botnet world, the first quarter of this year kicked off in style.... (>) |
|
|
2021-01-29 UTC |
| On Tuesday, Jan 27, 2021, Europol announced that a coordinated group of international authorities has taken control of the Emotet infrastructure.... (>) |
|
|
2020-12-18 UTC |
| As of January 5th, 2021, the Composite Blocklist (CBL) is being retired. This data, however, is included in the eXploits Blocklist (XBL).... (>) |
|
|
2020-07-30 UTC |
| The pandemic certainly didn’t put the brakes on botnet operators in Q2 2020. After the welcome decrease in activity at the end of Q1, the research team tracked and listed a 29%* increase in the number of botnet Command & Controllers (C&Cs) this quarter.
This increased activity is highlighted across most of our Top 20... (>) |
|
|
2020-07-16 UTC |
| Qbot (aka Quakbot or Qakbot), is a piece of malware originally designed to enable bad actors to conduct financial fraud.... (>) |
|
|
2020-04-21 UTC |
| In the past quarter, the number of botnet Command & Controllers (C&Cs) associated with fraudulent sign-ups, reduced by 57%.... (>) |
|
|
2020-01-28 UTC |
| In the 2019 Botnet Threat Report we look back at key trends from 2019 and highlight the operators who are struggling with the number of botnet C&Cs associated with their particular operations.... (>) |
|
|
2019-12-19 UTC |
| Our researchers have uncovered a new breed of "bulletproof" hosting. Here's what you need to know...... (>) |
|
|
2019-12-12 UTC |
| Since Emotet's resurgence, Spamhaus Malware Labs has been closely monitoring and studying Emotet’s activity. Here’s what we’ve uncovered...... (>) |
|
|
2019-10-11 UTC |
| You would be right to assume that malware authors and botnet operators in the Northern Hemisphere took a break over the summer months. Unfortunately, that assumption would be incorrect.... (>) |
|
|
2019-07-15 UTC |
| In this quarter, Botnet command & control (C&C) traffic remains significantly above the monthly averages of 2018, although it would appear that in June some botnet operators have taken a vacation.... (>) |
|
|
2019-04-25 UTC |
| Welcome to the first quarterly update of 2019
In the first three months of this year, Spamhaus Malware Labs have observed significant changes in the malware that’s associated with botnet Command & Control (C&C) servers, most notably a preference for cybercriminals to utilize crimeware kits...... (>) |
|
|
2019-03-27 UTC |
| Most professionals within enterprise security have come across ‘Emotet'. As its history illustrates, the criminals behind Emotet malware are cunning and quick to maximize its ‘potential.' From a basic banking Trojan to a threat distribution service, it is constantly being re-invented. This ‘constant malware improvement’ isn’t showing any sign of abating. Recently the Spamhaus Malware Labs team have identified further unsettling changes in Emotet.... (>) |
|
|
2018-10-26 UTC |
| If you’ve been monitoring the Exploits Block List (XBL) recently you will have noticed a significant increase in the number of listings. The past few weeks have seen a lift from approximately 10 million to 15 million listings. The question is why? Our botnet specialist explains…... (>) |
|
|
2018-04-09 UTC |
| Take a look at org charts, international standards, conferences and forums…you will observe there are two tribes; one for the ‘network’ the other for ‘applications’. It’s a distinction that’s embedded in Information Technology with the Network Layer ‘below’ all applications with a dedicated team dealing with connectivity, routers, upstreams and peering, all quite independently from the nature of the data that is flowing. Another team deals with ‘applications’; email, web services, etc., that do their job without having to consider the underlying aspects related to networking.... (>) |
|
|
2018-01-08 UTC |
| Now that 2017 is behind us, as we do each year, the Spamhaus Project would like to give some numbers and thoughts on the botnet threats we encountered. In 2017, Spamhaus Malware Labs identified and issued Spamhaus Block List (SBL) listings for more than 9,500 botnet Command & Control servers on 1,122 different networks. A botnet controller, commonly abbreviated as "C&C", is being used by fraudsters to both control malware infected machines and to extract personal and valuable data from malware infected victims. Botnet controllers therefore play a core role in operations conducted by cybercriminals who are using infected machines to send out spam, ransomware, launch DDoS attacks, commit ebanking fraud, click-fraud or to mine cryptocurrencies such as Bitcoin. An infected machine can be a desktop computer, mobile device (like a smartphone) but also an IoT device ("Internet Of Things") device such as webcam or network attached storage (NAS) that is connected to the internet.... (>) |
|
|
2017-04-25 UTC |
| Cloud computing is popular these days. Millions of users consume computing power out of the cloud every day. Cloud computing comes with several advantages over traditional server hosting, such as scalability and quick deployment of new resources.
As of January 2017, several large botnet operators appear to have discovered the benefits of cloud computing as well, and have started to... (>) |
|
|
2017-01-17 UTC |
| 2016 was a busy year for existing and emerging cyber threats. In the past year, Spamhaus researchers issued listings for over 7,000 botnet Command & Control ("C&C") servers on more than 1,100 different networks. These C&C servers enabled and controlled online crime such as credential theft, e-banking fraud, spam and DDoS attacks. They were also used for the retrieval of stolen data. 2016 will also go down in history as the first year that security issues related to the 'Internet-of-Things' not only became mainstream, but turned into a serious enabler of ever larger attacks and a source of many future problems.... (>) |
|
|
2014-12-31 UTC |
| As 2014 ends, Spamhaus reviews the botnet threats that it detected in
the past year, and provides facts and useful suggestions for ISPs and
web hosts on the front lines of the battle against cybercrime. To
nobody's surprise, botnet activity appears to be increasing. The
majority of detected botnets are targeted at obtaining and exploiting
banking and financial information. Botnet controllers (C&Cs) are hosted
disproportionately on ISPs with understaffed abuse departments,
inadequate abuse policies, or inefficient abuse detection and shutdown
processes. Botnet C&C domains are registered disproportionately with
registrars in locations that have lax laws or inadequate enforcement
against cybercrime.... (>) |
|
|
2013-06-12 UTC |
| In June 2012, Spamhaus launched the Spamhaus BGP feed (BGPf), a new service designed to protect organizations, network owners and network providers from... (>) |
|
