Today's Malware

Real-time data on the top malware threats from our award-winning SophosLabs Team.More

Today's Spam Threats

We monitor spam from all sources, every day. View our spam dashboard for real-time data.More

IP Address Lookup

If you can see this then you have CSS disabled. This is a honeypot to catch bots, leave this textbox empty

An error has occurred, please try again later.

SophosLabs maintains lists of IP addresses suspected to be spam sources.

IP Address Classification Policy

Threat Awareness

Share your questions, answers, advice and comments about threats in the Sophos Community.

The AI Challenge

Are you smarter than a machine? Play the game to find out.

Meet a SophosLabs Researcher

SophosLabs has a talented team of threat researchers and data scientists worldwide.

Latest News


Emotet’s return is the canary in the coal mine

In the past week, we’ve observed that one of the most prevalent, widely-distributed malware families in the world has reawakened after a prolonged absence. Emotet, the ubiquitous botnet that arrives in the guise of any of a thousand different bogus email messages, never really went away when it suddenly stopped appearing in our internal records […]

ProLock ransomware gives you the first 8 kilobytes of decryption for free

As organizations were scrambling to deal with the lockdowns associated with the global COVID-19 pandemic, a new wave of ransomware attacks began. The ransomware,  called ProLock, is a successor to PwndLocker, a ransomware strain that emerged late in 2019. PwndLocker’s distribution was short-lived, primarily because it was discovered that the keys needed to decrypt files […]

It’s always DNS, including on July, 2020’s Patch Tuesday

For our roundup of July, 2020’s Patch Tuesday release, Microsoft today published a few patches that need quick attention. Microsoft fixes 123 vulnerabilities across their product lines this month including 20 classified as Critical, and a whopping 103 flagged as Important.  As usual all the additional details can be found in the Security Update Guide Release […]

RATicate malware gang goes commercial

O, what tangled code we weave, when first we practise to deceive!

RATicate upgrades “RATs as a Service” attacks with commercial “crypter”

In May, we reported initial findings on RATicate, a group of actors spreading remote administration tools (RATs) and other information-stealing malware at least since last year. We tracked multiple malicious spam (“malspam”) email campaigns from the group, with attached installers that usually posed as documents related to financial transactions. In recent campaigns, the group’s tactics […]

Mykings jumps on the Corona train

The ubiquitous, noisy, SQL-attacking botnet can't help comparing itself to a deadly disease

SophosLabs Overview

Data Science
  • Machine learning model development
  • Artificial intelligence research, thought leadership
Threat Intelligence
  • Rapid response to new threats and escalations
  • Deep research into threats and attack profiles
  • Automation of threat analysis and response
  • Quality assurance testing, analysis, and metrics