BLACK LOTUS LABS

We’re defenders of a clean internet, proactively taking down ~63 C2s per month.

Read the 2019 Threat Report

Black Lotus Labs reveals the current state of the threat landscape to help you defend your network.

We see more,

so we can stop more.

Black Lotus Labs’ mission is to leverage our network visibility to both help protect your business and keep the internet clean. Follow us on Twitter @BlackLotusLabs.

~190B NetFlow sessions monitored daily
680+ new C2s discovered per month
~28,000 C2s monitored daily

Resources

A Look Inside the TrickBot Botnet

Bolstered by contributions from Black Lotus Labs and others, Microsoft and FS-ISAC recently took court action to disrupt a particularly insidious botnet called TrickBot – a significant source of ransomware and banking credential theft.

READ BLOG

Alina Point of Sale Malware Still Lurking in DNS

Black Lotus Labs monitors global DNS traffic for anomalous behavior that may be malicious.

READ BLOG

New Mozi Malware Family Quietly Amasses IoT Bots

The explosion of IoT devices has long served as a breeding ground for malware distribution.

READ BLOG

Ismdoor Malware Continues to Make Use of DNS Tunneling

Despite the ubiquity of DNS, many security teams today do not prioritize it as a focus for monitoring.

READ BLOG

Emotet Illuminated: Mapping a Tiered Botnet Using Global Network Forensics

Emotet is a pervasive and continually evolving threat, morphing from a prominent banking trojan to a modular spam and malware-as-a-service botnet.

READ BLOG

Black Lotus Labs Blog Archive

Read our full archive of blogs to learn more about the threat landscape.

READ BLOG