MALWARE & MALICIOUS NETWORKS THREAT INTEL
Malware & Malicious Networks
In response to law enforcement agencies that have successfully shut down botnets by taking malicious domains offline, cybercriminals have developed botnet malware containing domain generation algorithms (DGAs) that generate huge numbers of domains (Conficker C’s DGA generates 50,000 domains per day).
By generating thousands of domains daily and registering only a few of them, cybercriminals manage to retain control over at least a portion of their networks, even if some of their domains are taken offline.
With a team of global security researchers, we are able to track connections between criminal networks, malicious domains and compromised IP addresses. This enables us to gain visibility of malicious domains as soon as they are registered.
By using malware reverse engineering techniques, researchers can expose DGA domains and block them before the criminals start to make use of them.
Benefits of using Malware & Malicious Threat Intelligence Data
- With near zero false positives, our domain-based data can be used to identify infected computers on networks by showing which machines have tried to connect to domains listed in the threat database.
- Based on its real-time threat intelligence, businesses can utilize domain reputation and IP reputation data to prevent computers from connecting to malware-hosting sites and botnet C&Cs.
- Domain and IP-based threat intelligence offers near real-time protection for your network against Exploited Devices, malicious domains, automated attack and abuse threat data.

This threat datafeed is a comprehensive and detailed list designed to identify bot traffic. A of infected hosts:
- 6-8 million entries of Bot-infected machines
- Very high detection accuracy
- Updated every 30 minutes or less
- Includes rich metadata:
  - CIDR allocation
  - C&C Bot Name