BLACK LOTUS LABS®

We’re defenders of a clean internet, proactively disrupting ~150 C2s per month through takedowns and notifications.

The Key to Identifying and Thwarting Threats: Network Visibility.

See more. Stop more.®

Black Lotus Labs sees and disrupts threats that others can't, our mission is to keep the internet clean.
Black Lotus Labs sees and disrupts threats that others can't, our mission is to keep the internet clean. PlayButton

Resources

Qakbot: Retool, Reinfect, Recycle

Using Black Lotus Labs’ global visibility, we have tracked Qakbot’s more recent campaigns to observe the network structure, and gained key insights into the methods that support Qakbot’s reputation as an evasive and tenacious threat.

Qakbot: Retool, Reinfect, Recycle

Using Black Lotus Labs’ global visibility, we have tracked Qakbot’s more recent campaigns to observe the network structure, and gained key insights into the methods that support Qakbot’s reputation as an evasive and tenacious threat.

New HiatusRAT Router Malware Covertly Spies on Victims

Lumen Black Lotus Labs identified a new campaign involving compromised routers. HiatusRAT allows threat actors to remotely interact with the system.

New HiatusRAT Router Malware Covertly Spies on Victims

Lumen Black Lotus Labs identified a new campaign involving compromised routers. HiatusRAT allows threat actors to remotely interact with the system.

CLDAP Reflectors on the Rise Despite Best Practice

Black Lotus Labs is tracking a rise in misconfigured CLDAP services that are being abused in DDoS reflection attacks.

CLDAP Reflectors on the Rise Despite Best Practice

Black Lotus Labs is tracking a rise in misconfigured CLDAP services that are being abused in DDoS reflection attacks.

Chaos is a Go-Based Swiss Army Knife of Malware

Black Lotus Labs, the threat intelligence arm of Lumen Technologies, recently uncovered a multifunctional Go-based malware that was developed for both Windows and Linux, as well as a wide array of software architectures used in devices ranging from small office/home office (SOHO) routers to enterprise servers.

Chaos is a Go-Based Swiss Army Knife of Malware

Black Lotus Labs, the threat intelligence arm of Lumen Technologies, recently uncovered a multifunctional Go-based malware that was developed for both Windows and Linux, as well as a wide array of software architectures used in devices ranging from small office/home office (SOHO) routers to enterprise servers.

ZuoRAT Hijacks SOHO Routers to Silently Stalk Networks

Black Lotus Labs, the threat intelligence arm of Lumen Technologies, is currently tracking elements of what appears to be a sophisticated campaign leveraging infected SOHO routers to target predominantly North American and European networks of interest.

ZuoRAT Hijacks SOHO Routers to Silently Stalk Networks

Black Lotus Labs, the threat intelligence arm of Lumen Technologies, is currently tracking elements of what appears to be a sophisticated campaign leveraging infected SOHO routers to target predominantly North American and European networks of interest.

Black Lotus Labs® Blog Archive

Read our full archive of blogs to learn more about the threat landscape.

Black Lotus Labs® Blog Archive

Read our full archive of blogs to learn more about the threat landscape.