Choking the botnets - RPZ protecting a client's users across the USA.
2016-12-23 12:00:00 GMT, by Barry Branagh
Spamhaus RPZ (Response Policy Zones) service successfully protected a customer over the weekend from over 10,000 attempted connections to a C&C server that was distributing malware
Users across the USA have been protected from a compromised ad-blocker site thanks to Spamhaus Response Policy Zone blocklist identifying it as being a botnet command and control server.
A US-based multi-site operation uses ad-blockers as a standard tool to stop unwanted pop-ups, drive-by malware sites and just nuisance network activity. But when the ad-blocker was compromised, each connection to it could carry a threat with the potential damage escalating rapidly as automated, constant connection to ad-blockers is needed for them to be effective.
However with the compromised server’s domain identified as being under botnet control on the Spamhaus RPZ blocklist, the botnet threat was choked with more than 10,000 queries to the compromised machine blocked in 48 hours.
About Spamhaus Technology
Founded in London in 2004, Spamhaus Technology provides commercial data distribution and synchronization services for the real-time datastreams, raw datasets and security technologies developed by the non-profit organization The Spamhaus Project.
From the proceeds of these services, Spamhaus Technology supports a pool of worldwide public servers that providing data to the public, funds research into anti-spam technologies and contributes research and equipment to the global fight against cybercrime.
Get in touch
Virus Bulletin reviews the latest Spamhaus Botnet Threat Report
Independent researchers review the latest annual Spamhaus Botnet Threat Report.Read more
Join us at SANS, Las Vegas
Spamhaus Technology and vendor SecurityZones will be showing how to beat botnets at SANS, Las Vegas Sept 12/13th.Read more
Connect with Spamhaus Technology
Keep up to date with the latest news at Spamhaus Technology.