Enterprise Data Feeds

The information security landscape has become so complex and diversified that companies need reliable and up-to-the-minute threat data to leverage existing security strategies. The amount of malware and ransomware is steadily and rapidly increasing.


Given the volume and complexity of these emerging threats, relying on a single security vendor can significantly decrease your visibility of cyber attacks.


The safest, most logical plan for organizations of all sizes and verticals is to obtain threat data from unrelated sources and utilize them as part of a layered security strategy.


FREE Data Evaluation

 Contact Us > 

 Portal Login > 

 

Malware Patrol is exclusively focused on malware and ransomware. For this reason, our data feeds are a highly reliable security layer for the prevention of infections, the transmission of compromised data, and communications with botnets and command and control servers. Our database is updated constantly by crawlers in the cloud: each indicator is verified every day, DNS names are resolved 4-6 times a day and newly discovered URLs are processed within an hour.


Are you looking for threat data feeds to integrate with your existing data sets? Or you want to test how our data can help protect your network and assets? We offer a no-obligation data evaluation period during which you can confirm the quality of our feeds. Contact us for further details.



Threat Data Feeds

Malware Patrol offers customized and pre-defined data feeds to companies that are looking for threat data to integrate with their existing data sets, as well as those looking to protect networks and users. We do our best to provide data in formats that make integration as easy and fast as possible. All our feeds are updated, at least, every hour.



 

Data Sheet

 Download 

Malware & Ransomware data feeds:



Malware URL feeds are provided with addresses in two formats: sanitized, which includes protocol, hostname, domain name and directories, but not the binary file name; and unsanitized, including protocol, hostname, domain name, directories and also the file name and extension of the malware. Sanitized feeds are useful when there is no need to download the binary or to block it granularly. When downloading and/or monitoring the malware is important, the unsanitized feeds are a better choice.

DGA Data

Malware Patrol acquires and monitors DGAs used by multiple malware and ransomware families. Most ransomware won't be able the encrypt files if they can't reach a command a control server to retrieve cryptographic keys. Blocking access to domains generated via DGA is an effective way to prevent data loss and extortion.

Bebloh

  

 Cryptolocker 

  

 CryptoWall 

  

Dyre

 

Zeus (GOZ)

  

Geodo

  

Hesperbot

  

Matsnu

 

P2P GOZ

  

Pushdo

  

Symmi

  

Tinba

 

 TorrentLocker 

  

 Shiz / Shifu

        

Real Time DDoS Attacks
Bitcoin blockchain

DDoS attacks are a major threat to companies of all sizes. Apart from implementing DDoS mitigation strategies, access to threat data on the latest attacks is vital to understand the current landscape and its trends. Malware Patrol maintains a data feed containing live records of amplification and reflection DDoS attacks that happened in the last 24 hours. It is produced with data collected by sensors deployed all over the Internet. The feed is updated every 20 minutes.

Many systems and protocols widely available on the Internet are abused by attackers to generate abnormal amounts of traffic, including: NTP, DNS, CharGEN, SSDP, among others. These are the services that our honeypots mimic to capture real time information about attacks, without taking part on them.

Details about amplification and reflection DDoS attacks can be found on our blog post DDoS Reflection and Amplification Attacks.

Contact us to know more and to request evaluation access.


Bitcoin blockchain
Bitcoin blockchain

The Blockchain Strings Data Feed contains all the text inserted into the Bitcoin blockchain since its beginning. This include a huge variety of information that range from miner names, poems and tributes to URLs that point to obscure and illegal web sites, encoded files and malicious source code. The feed is updated every 6 hours and is specially interesting to threat researchers and companies monitoring data sources for potential brand infringements. Please be aware that Malware Patrol is not responsible for the contents of this feed. It may include offensive or illegal material and links may point to malicious web sites, malware and ransomware.

Business Partners

Become a partner or reseller:

Malware Patrol is searching for qualified partners and resellers that can help drive more business and expand our protected user base. Contact us and together we will make the Internet a safer place for everybody.

Back to top