An Insider View Into The Increasingly Complex Kingminer Botnet
Cloud Snooper Attack Bypasses AWS Security Measures
MyKings: The Slow But Steady Growth of a Relentless Botnet
SophosLabs Ransomware Behavior Report

Today's Malware

Real-time data on the top malware threats from our award-winning SophosLabs Team.More

Today's Spam Threats

We monitor spam from all sources, every day. View our spam dashboard for real-time data.More
Adware and PUAs
Controlled Applications

IP Address Lookup


If you can see this then you have CSS disabled. This is a honeypot to catch bots, leave this textbox empty



127.0.0.1

An error has occurred, please try again later.

SophosLabs maintains lists of IP addresses suspected to be spam sources.

Submit An Appeal

IP Address Classification Policy

Threat Awareness

Share your questions, answers, advice and comments about threats in the Sophos Community.

Visit the Forum

Technical Papers

Here you will find a range of papers aimed at system administrators and security specialists on a variety of topical issues. Some of these papers have been presented at security seminars and technical conferences around the world.

An Insider View Into The Increasingly Complex Kingminer Botnet

Kingminer is an opportunistic botnet that keeps quiet and flies under the radar. The operators are ambitious and capable, but don’t have endless resources – they use any solution and concept that is freely available, getting inspiration from public domain tools as well as techniques used by APT groups.

View Research

Cloud Snooper Attack Bypasses AWS Security Measures

An investigation into an attack against a cloud computing server reveals an unusual and innovative way for malware to communicate through Amazon’s firewalls

View Research

MyKings: The Slow But Steady Growth of a Relentless Botnet

The botnet known as MyKings wields a wide range of automated methods to break into servers – all just to install cryptocurrency miners.

View Research

SophosLabs Ransomware Behavior Report

What defenders should know about the most prevalent and persistent malware families.

View Research

SophosLabs 2020 Threat Report

Challenges the world faces for the coming year, securing data, devices, and people in an increasingly complex environment.

View Research

WannaCry Aftershock

On May 12th, 2017, organizations across the world were attacked by a new, fast-spreading piece of malware we now know as WannaCry. It is now considered one of the most widespread, and notoriously destructive malware attacks in history, halted only by a researcher getting a lucky break, registering a domain name embedded in the malware that unexpectedly acted as a kill switch. But even today, more than two years hence, WannaCry continues to affect thousands of computers worldwide.

View Research
All Research

Featured Videos

Attacking/Defending Machine Learning Based SoftwareJoshua Saxe

Getting Insight Into Deep Neural NetworksRichard Harang

Network security threats explained: Social engineering

Petya Ransomware Attack: How to Protect Yourself

How WannaCry ransomware works

Comparing the incomparables Gábor Szappanos

Practical Shellcode Analysis Gábor Szappanos

The AI Challenge

Are you smarter than a machine? Play the game to find out.

Play the Game

Meet a SophosLabs Researcher

SophosLabs has a talented team of threat researchers and data scientists worldwide.

Learn More

Latest News

All News
02
Jul

Mykings jumps on the Corona train

The ubiquitous, noisy, SQL-attacking botnet can't help comparing itself to a deadly disease
24
Jun

Glupteba malware hides in plain sight

A worm focused on concealment and stealth may keep malware payloads hidden from view
18
Jun

New Bundlore adware targets macOS with updated Safari extensions

Browser add-ons are a common source of privacy and security concerns. While they are usually legitimate software products with real companies behind them, these plug-ins can also be used by unscrupulous software developers as a way to turn downloads of free software into a revenue stream–dropping browser add-ons that gather information from the user, inject […]
09
Jun

Microsoft pushes fixes for 128 security bugs in June, 2020 Patch Tuesday

In this month’s Patch Tuesday, a total of 128 security vulnerabilities have been patched in Microsoft products, a slight increase compared to the last few months. Only twelve of the vulnerabilities are rated “Critical.” None of the bugs have been found being exploited in the wild (yet). In addition, a remote code execution vulnerability in […]
09
Jun

Cryptomining criminals under the spotlight – a SophosLabs report

A new SophosLabs report takes you inside a cryptomining gang.
09
Jun

Kingminer escalates attack complexity for cryptomining

An opportunistic botnet that tries (not always successfully) to fly under the radar, Kingminer is nevertheless a persistent nuisance that delivers cryptocurrency miners as a payload. The botnet’s operators may be ambitious and capable, but they don’t appear to have endless resources, so they take advantage of any freely available solution to the problem of […]
All News

SophosLabs Overview

Data Science
  • Machine learning model development
  • Artificial intelligence research, thought leadership
Threat Intelligence
  • Rapid response to new threats and escalations
  • Deep research into threats and attack profiles
Operations
  • Automation of threat analysis and response
  • Quality assurance testing, analysis, and metrics