
The Most Comprehensive C2 Feed Available…
The Controller Feed contains all of our botnet controller data from the Botnet Analysis and Reporting System (BARS), a unique system that enables visibility into botnets that normally evade monitoring, plus other sources, for our most comprehensive view of Command and Control (C2) for IRC-based, HTTP-based, and P2P-based botnets. This feed provides the full URL, malware hash, and DNS resource record of the controllers, enabling you to cross-reference, monitor, or block connections.
Feed Details…
- Near-real-time identification of command and control (C&C) IP addresses (IRC, HTTP, and P2P) for botnets built for DDoS, warez, and the underground economy, including bot types, passwords, channels, and our insight.
- Contains all confirmed, active botnet, warez, underground economy and other malware distribution command points.
- Use this data to automatically block access to C&C IP addresses.
- The report is updated every 60 minutes.
Controller Feed Entries Include
- Multiple IP addresses for a single botnet
- Domain name and HTTP URL
- First seen time
- Last checked time
- Recent up and down times
- Family, sub-family and version details
- Protocol and port
- Whether the controller currently resolves or is active in DNS
- Confidence value
- SHA1 and MD5 for malware samples
- SSL and request type for HTTP C2s
- Password, channel and key for IRC servers