Find all our malware updates on this page, giving you monthly insight into observed malware campaigns
The Malware Digest
In this report, we highlight malware trends utilizing data from abuse.ch’s open platforms. These collect, track and share resources relating to malware campaigns, including the URLs of malware distribution sites, malware samples, and indicators of compromise.
Each section will provide you with a detailed look at who and what data has been shared in the past month showing possible trends in malware operations.
All malware digests
Register for Marketing Updates
Every quarter we release three reports, plus ad hoc best practices, our latest research observations, and more. Be the first to receive it with the insight straight to your mailbox - relevant content only, at most once a month.
August saw an increase in new malware sites hosted in The Netherlands (284%) and Singapore (220%). Whilst, Mirai appear is making a come back - with an increase in distribution sites and malware samples shared.
Published 4 Aug 2023
This month saw a spike in new malware sites hosted in Bulgaria (almost 400%) and a welcomed 55% decrease (finally!) in the US. With new entrant DBatLoader contributing 22% of all IOCs shared via ThreatFox. Read the full report.
Published 6 Jul 2023
Another busy month for Qakbot - 61.4% of ALL malware sites shared on URLhaus and 4,150 IOCs shared on ThreatFox. Malware sites hosted in India is on the rise, with Indian network BSNL climbing to #1 host of malware distribution sites.
Published 6 Apr 2023
Together, Emotet and Qakbot were responsible for 38% of ALL malware sites shared on URLhaus, Mirai had the biggest growth across the board, and there are officially over 1 million IOCs shared on ThreatFox. Find the report here:
Published 3 Mar 2023
The U.S. experienced a 447% increase in the number of malware distribution sites it was hosting. Meanwhile, a familiar name returned with vengeance; Qakbot, which was associated with the largest number of IOCs.
Published 3 Feb 2023
January saw an increase in new malware sites hosted in Russia (almost 200%!) and decrease in the US by 95%. We also saw a big increase in compromised hosts spreading Mirai.
Published 5 Jan 2023
It was a busy month for Qakbot - ThreatFox saw 30,611 IOCs related to this malware threat. On the flip side, we are happy to celebrate 1k active hunting rules on MalwareBazaar!
Published 8 Dec 2022
Emotet is well and truly back! abuse.ch saw a 68% increase in Indicators of Compromise relating to this malware family - find more in November’s malware report.
Published 4 November 2022
Using data from abuse.ch's platforms, the report gives an overview of malware campaigns, with insights into malware distribution sites, samples, IOCs & YARA rules.
Published 6 October 2022
Using data from abuse.ch's platforms, the report gives an overview of malware campaigns, with insights into malware distribution sites, samples, IOCs & YARA rules.
Published 7 September 2022
Using data from abuse.ch's platforms, the report gives an overview of malware campaigns, with insights into malware distribution sites, samples, IOCs & YARA rules.
