Choking the botnets – RPZ protecting a client’s users across the USA.

December 23, 2016 by Barry Branagh

Spamhaus RPZ (Response Policy Zones) service successfully protected a customer over the weekend from over 10,000 attempted connections to a C&C server that was distributing malware

Users across the USA have been protected from a compromised ad-blocker site thanks to Spamhaus Response Policy Zone blocklist identifying it as being a botnet command and control server.

A US-based multi-site operation uses ad-blockers as a standard tool to stop unwanted pop-ups, drive-by malware sites and just nuisance network activity. But when the ad-blocker was compromised, each connection to it could carry a threat with the potential damage escalating rapidly as automated, constant connection to ad-blockers is needed for them to be effective.

However with the compromised server’s domain identified as being under botnet control on the Spamhaus RPZ blocklist, the botnet threat was choked with more than 10,000 queries to the compromised machine blocked in 48 hours.

Sign up for a free 30-day trial

December 5, 2018

Getting your Spamhaus data feeds via Rsync? You may need to move to DQS

We’ve made some changes.  “Urgh!” we hear you sigh.  Few people like changes; be that a change in the user...

Read more
October 5, 2018

Protecting against hailstorm spam with “Dynamic Updates”

High-speed and high-volume: Hailstorm spam is one method cyber criminals are using to overwhelm target organizations’ defenses, but Spamhaus is...

Read more
September 17, 2018

Spamhaus Technology showcases new threat detection tool at GovWare

GovWare 2018 in Singapore will see the launch of a new detection tool developed by Deteque, a division of Spamhaus,...

Read more

Engage with us on

It’s time to protect your organization

Start my free trial