Please update your browser.

Our site no longer supports this browser. Using another one will help provide a better experience.

UPDATE YOUR BROWSER
Menu

BLACK LOTUS LABS®

We’re defenders of a clean internet, proactively disrupting ~150 C2s per month through takedowns and notifications.

The Key to Identifying and Thwarting Threats: Network Visibility.

WATCH WEBINAR

See more. Stop more.®

The Black Lotus Labs® mission is to leverage our network visibility to both help protect your business and keep the internet clean. Follow us on Twitter @BlackLotusLabs®.

 

  • ~200B+ NetFlow sessions monitored daily
  • ~1B DNS queries collected per day for continuous learning
  • ~46,000 C2s monitored daily

 

VIDEO (1:52)

Black Lotus Labs sees and disrupts threats that others can't, our mission is to keep the internet clean.
Black Lotus Labs sees and disrupts threats that others can't, our mission is to keep the internet clean. PlayButton

Resources

CLDAP Reflectors on the Rise Despite Best Practice

Black Lotus Labs is tracking a rise in misconfigured CLDAP services that are being abused in DDoS reflection attacks.

READ BLOG

CLDAP Reflectors on the Rise Despite Best Practice

Black Lotus Labs is tracking a rise in misconfigured CLDAP services that are being abused in DDoS reflection attacks.

Chaos is a Go-Based Swiss Army Knife of Malware

Black Lotus Labs, the threat intelligence arm of Lumen Technologies, recently uncovered a multifunctional Go-based malware that was developed for both Windows and Linux, as well as a wide array of software architectures used in devices ranging from small office/home office (SOHO) routers to enterprise servers.

READ BLOG

Chaos is a Go-Based Swiss Army Knife of Malware

Black Lotus Labs, the threat intelligence arm of Lumen Technologies, recently uncovered a multifunctional Go-based malware that was developed for both Windows and Linux, as well as a wide array of software architectures used in devices ranging from small office/home office (SOHO) routers to enterprise servers.

ZuoRAT Hijacks SOHO Routers to Silently Stalk Networks

Black Lotus Labs, the threat intelligence arm of Lumen Technologies, is currently tracking elements of what appears to be a sophisticated campaign leveraging infected SOHO routers to target predominantly North American and European networks of interest.

READ BLOG

ZuoRAT Hijacks SOHO Routers to Silently Stalk Networks

Black Lotus Labs, the threat intelligence arm of Lumen Technologies, is currently tracking elements of what appears to be a sophisticated campaign leveraging infected SOHO routers to target predominantly North American and European networks of interest.

Windows Subsystem For Linux (WSL): Threats Still Lurk Below the (Sub) Surface

Since our initial report, Black Lotus Labs continues to monitor the WSL attack surface for new developments. In the last few months, we have identified several different samples that indicate the capability is evolving. 

READ BLOG

Windows Subsystem For Linux (WSL): Threats Still Lurk Below the (Sub) Surface

Since our initial report, Black Lotus Labs continues to monitor the WSL attack surface for new developments. In the last few months, we have identified several different samples that indicate the capability is evolving. 

Emotet Redux

Since its reemergence on Nov. 14, 2021, Black Lotus Labs has once again been tracking Emotet, one of the world’s most prolific malware distribution families which previously infected more than 1.6M devices and caused hundreds of millions of dollars in damage across critical infrastructure, healthcare, government organizations and enterprises around the world.

READ BLOG

Emotet Redux

Since its reemergence on Nov. 14, 2021, Black Lotus Labs has once again been tracking Emotet, one of the world’s most prolific malware distribution families which previously infected more than 1.6M devices and caused hundreds of millions of dollars in damage across critical infrastructure, healthcare, government organizations and enterprises around the world.

Black Lotus Labs® Blog Archive

Read our full archive of blogs to learn more about the threat landscape.

READ BLOG

Black Lotus Labs® Blog Archive

Read our full archive of blogs to learn more about the threat landscape.

Lumen logo
Lumen logo

Not all products and services are available in all regions and countries; please contact a representative near you for details.