map.lookingglasscyber.com
2a03:b0c0:2:d0::c36:8001  Public Scan

Submitted URL: http://map.lookingglasscyber.com/
Effective URL: https://map.lookingglasscyber.com/
Submission: On August 22 via manual from SG

Form analysis 0 forms found in the DOM

Text Content


THREAT MAP


INFECTIONS / SECOND (7)
LIVE ATTACKS (32)
BOTNETS (1) - Total Numbers
COUNTRIES (12) - Percentage

--------------------------------------------------------------------------------

Start Date:
2021/8/22 3:59:30
End Date:
2021/8/22 3:59:40
 *   Sality
   CN
   Mianyang
 *   Sality
   IN
   N/A
 *   Sality
   CN
   Lhasa
 *   Sality
   CN
   N/A
 *   Sality
   KZ
   Karaganda
 *   Sality
   TN
   Ariana
 *   Sality
   CN
   Shenzhen
 *   Sality
   CN
   Shanghai
 *   Sality
   CN
   Xiangyang
 *   Sality
   ID
   Jakarta
 *   Sality
   PH
   N/A
 *   Sality
   CN
   Fuzhou
 *   Sality
   CN
   Mianyang

 *   Sality 32


 *     China 53.13%
 *     Russian Federation 9.38%
 *     Indonesia 6.25%
 *     Unknown 6.25%
 *     Hong Kong 3.13%
 *     India 3.13%
 *     Kazakhstan 3.13%
 *     Peru 3.13%
 *     Philippines 3.13%
 *     Sri Lanka 3.13%
 *     Tunisia 3.13%
 *     Venezuela 3.13%

01:59:39 | Sality | China Telecom Xizang | AS4134 No.31Jin-rong Street | CN | Lhasa
01:59:39 | Sality | Unknown | - | CN | N/A
01:59:39 | Sality | Tele2 Kazakhstan | AS48503 Tele2 SWIPnet | KZ | Karaganda
01:59:39 | Sality | OoredooTN | AS37693 TUNISIANA | TN | Ariana
01:59:39 | Sality | China Mobile | AS56040 China Mobile communications corporation | CN | Shenzhen
01:59:39 | Sality | China Telecom Shanghai | AS4812 China Telecom (Group) | CN | Shanghai
01:59:39 | Sality | China Telecom Hubei | AS4134 No.31Jin-rong Street | CN | Xiangyang
01:59:40 | Sality | PT Telkom Indonesia | AS17974 PT Telekomunikasi Indonesia | ID | Jakarta
01:59:40 | Sality | Globe Telecoms | AS4775 Globe Telecoms | PH | N/A
01:59:40 | Sality | China Telecom | AS4134 No.31Jin-rong Street | CN | Fuzhou
01:59:40 | Sality | China Telecom | AS4134 No.31Jin-rong Street | CN | Mianyang

DATA FEEDS
Infection Records
Phishing URL
Malware URL

--------------------------------------------------------------------------------

Country
 * Canada
 * China
 * France
 * Germany
 * Japan
 * Russia
 * UK
 * USA
 * All Countries

Botnet
 * APT
 * Conficker
 * Mobile
 * Ramdo
 * Sality
 * Trojan
 * ZeroAccess
 * All Botnets

© 2019 - LookingGlass Cyber Solutions, Inc. - All Rights Reserved.
Leaflet | Botnet data © LookingGlass | Tiles © Esri & GIS User Community



CYVEILLANCE INFECTION RECORDS DATA FEED

Let's Face It:
Your desktop antivirus software is known to be ineffective for zero-day attacks.
Even with daily updates, your antivirus vendor might lack sufficient global
reach to find the newest and most sophisticated infections. And, in spite of
antivirus, firewalls, and proxies, LookingGlass research indicates that
devices everywhere, from private individuals' computers to governments, have
active infections.

The LookingGlass global botnet monitoring system, based on
a worldwide sinkhole network, catches infections that your security
infrastructure fails to detect. Its accuracy is assured by analyzing malware
command and control (C2) communications and applying false-positive detection
algorithms on newly identified infections to ensure that only new infections are
recorded.

The LookingGlass Infection Records Data Feed provides a convenient,
additional layer of security.





LookingGlass Infection Records Data Feed Use Cases
The following IT security teams use the LookingGlass Infection Records Data
Feed:



 * The security incident response team now has an additional input to
   operations, with all the information needed to quarantine and remediate an
   infected server.
 * The third-party risk management team now has a powerful tool to enhance
   activities such as physical inspections and periodic surveys, using the feed
   to identify new infections among partners and suppliers.
 * The threat intelligence team can use the feed to bring actionable
   recommendations to situational reviews based on analyses such as
   understanding the size of specific botnets, regions or countries where new
   infections are active, and targets such as industry peers.

DELIVERY

 * The LookingGlass Infection Records Data Feed is delivered in OpenTPX format.
 * Purchasers of the Infection Records Data Feed gain access to the Infections
   Record Portal along with several analysis tools.

NEXT STEPS

 * Visit the Virus Tracker website
 * Contact us for more information about LookingGlass Machine-Readable Threat
   Intelligence.


LOOKINGGLASS PHISHING URL C2 & DATA FEED

The unfortunate truth in IT security today is that with as many solutions as are
being deployed, infection vectors remain and through those, malware becomes
embedded in servers and user computers.

Now it is possible to find and stop embedded malware before it can do damage.
The LookingGlass Malicious C2 Data Feed is a list of domains of malware command
and control (C2) servers. Most embedded malware requires instructions from a
command and control server in order to perform pernicious acts such as data
exfiltration or scrambling data for ransom. But almost every advanced malware
needs a DNS lookup to communicate with a C2 server. Stopping the DNS lookup
stops the malware in its tracks.





LookingGlass Cyber Analysts create the LookingGlass Malicious C2 Data Feed by
reverse-engineering malware and, in particular, finding domain-generation
algorithms (DGA) embedded within the malware code. Reverse-engineering and
using the DGA enables the analysts to generate hundreds of domains that threat
actors have registered and bound to C2 servers. The malware is found using the
same global sinkhole network used to find malware infections provided in the
LookingGlass Infection Records Data Feed.

USE CASES

 * Dynamic Threat Defense - LookingGlass Dynamic Threat Defense (DTD) is a
   LookingGlass cyber security solution that utilizes the LookingGlass Malicious
   C2 Data Feed to automatically mitigate threats via LookingGlass DNS Defender.
   DTD allows your organization to be automatically protected from threats such
   as embedded malware, viruses and trojans. In addition, LookingGlass DTD logs
   malware attempts to find C2 servers, enabling fast remediation of infected
   machines in your network.

NEXT STEPS

 * Find out how LookingGlass can help you identify threats that matter to you.
   https://lookingglasscyber.com/solutions
 * Contact us for more information about LookingGlass Machine-Readable Threat
   Intelligence.



IP BANNED

The IP was banned due to excessive usage. If you would like to regain access to
the map, email us your IP at virustracker@lookingglasscyber.com.



WHAT IS THIS?

This real-time map shows actual data from our threat intelligence feeds
including:

 * LookingGlass Infection Records Data Feed
 * LookingGlass Malicious URL Data Feed
 * LookingGlass Phishing URL Data Feed





ABOUT LOOKINGGLASS

LookingGlass delivers the most comprehensive threat intelligence-driven
solutions in the market enabling security teams to efficiently and effectively
address threats throughout the cyber threat lifecycle.

With a scalable solutions portfolio of threat data feeds, a threat intelligence
management platform, threat mitigation solutions, and threat intelligence
services, LookingGlass enables security teams to prevent, detect, understand,
and respond to analyzed, prioritized, relevant threats. Additionally, with a deep
knowledge of the global Internet topology and near real time activity,
LookingGlass helps organizations understand threats inside and outside their
perimeter - including threats that may be impacting third party trusted
partners, other organizations in their industry, and the latest threat trends
impacting the global Internet at large.





NEXT STEPS

 * Find out how LookingGlass can help you identify threats that matter to you.
   www.lookingglasscyber.com/solutions
 * Contact us to learn more about our intelligence feeds.
