Advanced Threat Intelligence For OEMs

A Sampling of Malicious Detections & Emerging Threats From Around the World

With over 20 years of expertise in categorizing and identifying malicious exploits and sites, zvelo delivers industry-leading threat intelligence for network security and antivirus vendors, device manufacturers, MSSPs, web filtering & parental controls, and more. Powered by our human-supervised machine learning systems, and using a combination of static and heuristic detection techniques, as well as integrating a number of third-party feeds from partner relationships, zvelo malicious detection capabilities provide up-to-the-minute intelligence and protection in an ever-changing threat landscape.

NOTE: The information represented in this global cyber threat map is for demonstration purposes and does not encompass the entirety of zvelo Malicious Detection capabilities.


Identified Malicious Detections

This map references a random, daily sampling of zvelo malicious categorizations and plots them based on the GPS coordinates of the threat. Detection information consists of the malicious category, obfuscated IP of the threat, and location of threat.


Heatmap Locations

This map provides a high-level summation of the areas where zvelo has recently encountered the most malicious threats. Red indicates a higher density, while blue denotes a lower number of occurrences.

Protect Your Networks From Malware, Phishing, Botnets, and Other Threats

Real-time identification of IPs and URLs related to malware, viruses, and other forms of harmful programs enables you to avoid potential harm to your system by blocking traffic to and from those destinations. A coveted Malicious Detection solution allows for easy integration through an API or data feed for use with routers, proxies, firewalls, or other systems for a safer Internet.


Protect Your Networks AND Customers From Threats

Malicious Detection For Compromised URLs & IPs

zvelo’s categorization and malicious detection systems currently classify malware and exploits into ten (10) categories. These categories represent the most prominent and dangerous malicious types on the web. Due to the variable lifecycle of malicious URLs and IPs, it is imperative to be able to inspect and detect URLs quickly to verify their current malicious status. zvelo’s Malicious Detection systems incorporate an automated revisit process where malicious sources are retested. zvelo revisits up to 300,000 malicious URLs daily to determine if they are still infected, have been cleaned, or have been taken down altogether. Since zvelo’s malicious detection service is able to obtain the full path, it is able to revisit the exact URL and obtain crucial results on a granular and highly accurate level.


Identifying 10 Malicious Categories

zvelo detection systems identify the following ten (10) types of Malicious Categories:

Phishing/Fraud

Web pages impersonating other web pages with the intention of stealing passwords, credit card numbers, or other information. Also web pages that are part of scams such as a "419" scam, where a person pays a sum of money with the expectation of a larger payback that never comes. Examples include con, hoax, scam, etc.

Compromised and Links To Malware

Compromised web pages are disguised as legitimate, but really house malicious code or link to malicious websites hosting malware. Someone other than the owner has compromised these sites. In the instance that Firefox blocks a site as malicious, this category is used. Examples include defaced, hacked by, etc.

Ad Fraud

Websites that are being used to commit fraudulent online display advertising transactions using different ad impression boosting techniques, including but not limited to the following: ad stacking, iframe stuffing, and hidden ads. Sites that have high non-human web traffic (NHT) and experience rapid, large, and unexplained changes in traffic.

Spyware and Questionable Software

In the case of spyware or keystroke loggers, software reports information to a central server. Questionable software is software that some people may object to having on their system, although it may have a legitimate purpose.

Malware Distribution Point

Web pages that host exploits, viruses, and/or other malware are considered Malware Distribution Points. This category is used by web analysts if their anti-virus program triggers on a particular website.

Malware Call-Home

When spyware and viruses check a URL for updates or report information back to a particular URL, this is labelled as a malware call-home address.

Botnet

A botnet is a group of bots, or compromised machines, banded together and running software used by hackers to send phishing attacks, denial-of-service (DDoS) attacks, or spam.

Cryptocurrency Mining

Websites that use cryptocurrency mining technology without user permission. This is considered a malicious category.

Command and Control Centers

Internet servers used to send commands to infected machines, called bots.

Spam URLs

URLs that frequently occur in spam messages.

Protect Your Users & Networks with the #1 URL Database For Web Filtering

Enabling web filtering and parental controls vendors with premium web content categorization, malicious detection, performance, coverage, and accuracy through a customizable and easy-to-integrate API, combined with the industry’s best customer service and responsiveness.
