Threat Intelligence

Bad Packets® Cyber Threat Intelligence

The cybersecurity landscape is constantly evolving as emerging threats continue to target enterprise networks, IoT devices, and cloud computing environments. Monitoring and identifying these threats is a critical task to mitigate the damage done by threat actors.

We detect active Mirai and Hajime botnets that are scanning the internet, conducting exploit attempts, and engaging in DDoS attacks.

Mirai-like detections last 365 days
Mirai-like detections by daily share of port/service targeted.

New unique Mirai-like detections are added to mirai.badpackets.net hourly. Paid plans include the port/service being targeted and source port to enable locating devices behind a NAT firewall.

In addition to tracking botnets, we provide threat intelligence data feeds for attacks targeting:

  • IoT/CPE devices (Consumer routers/modems, IP cameras)
  • Content Management Systems (WordPress, Drupal)
  • Distributed computing platforms (Hadoop, Kubernetes)
  • Frameworks (PHP, ColdFusion)

Our datasets are tagged with indicators of compromise (IOCs) and include which vulnerabilities are being exploited so you can quickly identify relevant threats to your organization.

Visit our pricing page to sign up for our threat intelligence packages.