malvertising detection

Updates about recent increase in infections

January 28, 2016 | By

Six days ago, we added the malware tracker and “malvertising” tracker to the list of supported open source domain feeds in Since then, we have seen a significant increase in the number of discovered infections across all users.

We built to block and intercept the downloading of malware and malware command-and-control. We strive for zero false positives; if generates a notification it’s because we believe you need to know about what’s happening on your network and take action accordingly.

Unfortunately, many of the domains in the “malvertising” list do not meet our criteria for blackholing inĀ; they are not currently serving malware or malware command-and-control. Because of this, we are removing this feed from immediately. Based on our analysis, the domains on this list that do meet our criteria are also included in the malware feed and other feeds we already support.

No immediate action is needed on your part. If you would like help understand your infections in we are always here to help you. Feel free to contact us.

In light of this experience, new domain feeds will be deployed both internally and for select early adopters before making them generally available to all users. If you would like to opt-in to these feeds, feel free to send us an email.