Please update your browser.

Our site no longer supports this browser. Using another one will help provide a better experience.

Menu

BLACK LOTUS LABS®

We’re defenders of a clean internet, proactively taking down ~75 C2s per month.

We see more, 

so we can stop more.

The Black Lotus Labs® mission is to leverage our network visibility to both help protect your business and keep the internet clean. Follow us on Twitter @BlackLotusLabs®.

 

  • ~195B NetFlow sessions monitored daily
  • ~1B DNS queries collected per day for continuous learning
  • ~42,000 C2s monitored daily

 

Black Lotus Labs

Resources

Hacktivist Campaign Spreads Manifesto Through Router Configuration Files

The Black Lotus Labs® team at Lumen Technologies recently discovered a hacktivist campaign affecting internet-exposed routers and switches that occurred primarily on May 13, 2021.

The Reemergence Of Ransom-Based Distributed Denial Of Service (RDDoS) Attacks

Since the second half of 2020, Lumen Black Lotus Labs® has observed an unsettling number of entities receiving emails containing a threat of sustained DDoS attack unless a Bitcoin ransom was paid.

Tracking UDP Reflectors for a Safer Internet

In recent years, Distributed Denial of Service (DDoS) events have become an ever-present threat, featuring attack traffic pushing to levels measured in terabits per second (Tbps).

Newly Discovered Watering Hole Attack Targets Ukrainian, Canadian Organizations

Black Lotus Labs’® analysis has uncovered a cluster of compromised websites previously used in a series of watering hole attacks.

A Look Inside the TrickBot Botnet

Bolstered by contributions from Black Lotus Labs® and others, Microsoft and FS-ISAC recently took court action to disrupt a particularly insidious botnet called TrickBot – a significant source of ransomware and banking credential theft.

Black Lotus Labs® Blog Archive

Read our full archive of blogs to learn more about the threat landscape.