The Most Comprehensive C2 Feed Available…
The Controller Feed contains all of our botnet controller data from the Botnet Analysis and Reporting System (BARS), a unique system that enables visibility into botnets that normally evade monitoring, plus other sources for our most comprehensive view of Command and Control (C2) for IRC-based, HTTP-based, and P2P-based botnets. This feed provides the full URL, malware hash, and DNS resource record of the controllers enabling you to cross reference, monitor, or block connections.
Near-real-time identification of botnet command and control (C&C) IP addresses (IRC, http, and P2P) built for DDoS, warez, and underground economy to include bot types, passwords, channels, and our insight.
Contains all confirmed, active botnet, warez, underground economy and other malware distribution command points.
Use this data to automatically block access to C&C IP addresses.
The report is updated every 60 minutes.
Controller Feed Entries Include
Multiple IP addresses for a single botnet
Domain name and HTTP URL
First seen time
Last checked time
Recent up and down times
Family, sub-family and version details
Protocol and port
Whether currently resolves or active in DNS
SHA1 and MD5 for malware samples
SSL and request type for HTTP C2s
Password, channel and key for IRC servers