The Spamhaus Project

Botnet C&C

Most Recent First
Filter by date published
Add format filter
Botnet Threat Update January to June 2025

Botnet Threat Update January to June 2025

Botnet C&C
Malware
Report • July 14, 2025 • The Spamhaus Team

Botnets disrupted worldwide...Operation Endgame is BACK!

Operation Endgame, “Season 2”, is officially announced as of Friday, May 23rd, 2025. International law enforcement agencies and their partners have once again joined forces to disrupt and dismantle botnet infrastructure and their operators. In this post, get details of the take-down itself and Spamhaus’ role in victim account remediation.

Malware
Botnet C&C
Blog • May 23, 2025 • The Spamhaus Team

Networks hosting botnet C&Cs: Same players, same problems

With every Botnet Threat Update we publish, the same networks consistently appear in the Top 20 for hosting botnet command and control (C&C) servers. But why does this keep happening? In this Botnet Spotlight, we look into the root causes behind this persistent issue and what networks must do to break the cycle.

Botnet C&C
Malware
Blog • February 11, 2025 • The Spamhaus Team
Botnet Threat Update July to December 2024

Botnet Threat Update July to December 2024

Botnet C&C
Malware
Report • January 13, 2025 • The Spamhaus Team
Botnet Threat Update January to June 2024

Botnet Threat Update January to June 2024

Botnet C&C
Malware
Report • July 09, 2024 • The Spamhaus Team

Operation Endgame | Botnets disrupted after international action

On Thursday, May 30th, 2024, a coalition of international law enforcement agencies announced "Operation Endgame". This effort targeted multiple botnets, such as IcedID, Smokeloader, SystemBC, Pikabot, and Bumblebee, as well as their operators, and Spamhaus is assisting with the remediation efforts.

Malware
Botnet C&C
News • May 30, 2024 • The Spamhaus Team
Botnet Threat Update Q4 2023

Botnet Threat Update Q4 2023

Botnet C&C
Threat intelligence
Report • January 11, 2024 • The Spamhaus Team
Botnet Threat Update Q3 2023

Botnet Threat Update Q3 2023

Botnet C&C
Threat intelligence
Report • October 05, 2023 • The Spamhaus Team

Qakbot - the takedown and the remediation

Writing "Qakbot" and "takedown" in the same sentence is quite something. Usually, Spamhaus is bemoaning the ever-growing numbers of compromised IPs associated with this malware. But, on Tuesday, August 29th, 2023, the Federal Bureau of Investigation (FBI) announced that it coordinated an international group...

Malware
Threat intelligence
News • August 29, 2023 • The Spamhaus Team
Botnet Threat Update Q2 2023

Botnet Threat Update Q2 2023

Botnet C&C
Threat intelligence
Report • July 11, 2023 • The Spamhaus Team
Botnet Threat Update Q1 2023

Botnet Threat Update Q1 2023

Botnet C&C
Threat intelligence
Report • April 12, 2023 • The Spamhaus Team

Neutralizing Tofsee Spambot – Part 3 | Network-based kill switch

In part three, we focus on using a network kill switch - causing an out-of-bounds read error, leading to Tofsee crashing.

Malware
Threat hunting
How To • April 06, 2023 • The Spamhaus Team

Neutralizing Tofsee Spambot - Part 2 | InMemoryConfig store vaccine

In part two, learn about a second malware vaccine our team has produced, focused on polluting Tofsee's internal configuration store.

Malware
Threat hunting
How To • April 06, 2023 • The Spamhaus Team
Botnet Threat Update, Q4 2022

Botnet Threat Update, Q4 2022

Botnet C&C
Threat intelligence
Report • January 12, 2023 • The Spamhaus Team
Annual Botnet Threat Update 2022

Annual Botnet Threat Update 2022

Botnet C&C
Threat intelligence
Report • January 10, 2023 • The Spamhaus Team
Home
Home
...
Home