Please update your browser.

Our site no longer supports this browser. Using another one will help provide a better experience.

BLACK LOTUS LABS®

We are defenders of a clean internet, proactively taking down ~75 C2s per month.

We see more, 

so we can stop more.

The Black Lotus Labs® mission is to leverage our network visibility to both help protect your business and keep the internet clean. Follow us on Twitter @BlackLotusLabs®.

 

  • ~195B NetFlow sessions monitored daily
  • ~1B DNS queries collected per day for continuous learning
  • ~42,000 C2s monitored daily

 

Black Lotus Labs

Resources

No Longer Just Theory: Black Lotus Labs Uncovers Linux Executables Deployed as Stealth Windows Loaders

Black Lotus Labs recently identified several malicious files that were written primarily in Python and compiled in the Linux binary format ELF (Executable and Linkable Format) for the Debian operating system.

ReverseRat Re-emerges with a (Night)Fury New Campaign and New Developments, Same Familiar Side-Actor

After publishing our initial research, we have continued to track this actor and recently uncovered an updated version of the ReverseRat agent, which we are calling ReverseRat 2.0.

Charting the Real-World Application of CTFs

At Black Lotus Labs, we participate in CTFs to understand how threat actors could circumvent security controls, exploit software vulnerabilities and chain multiple attack techniques.

Suspected Pakistani Actor Compromises Indian Power Company With New ReverseRat

Lumen’s Black Lotus Labs detected a new remote access trojan we are calling ReverseRat.

Hacktivist Campaign Spreads Manifesto Through Router Configuration Files

The Black Lotus Labs® team at Lumen Technologies recently discovered a hacktivist campaign affecting internet-exposed routers and switches that occurred primarily on May 13, 2021.

Black Lotus Labs® Blog Archive

Read our full archive of blogs to learn more about the threat landscape.

Powered by Translations.com GlobalLink OneLink SoftwarePowered By OneLink