abuse.ch

The heavily used Swiss non-profit platform for protection against cyber attacks is well known amongst the international IT community. Through the projects it has launched, abuse.ch has so far identified and rendered harmless over 1.2 million malware sites and has analysed more than 40 million malware programs.

Factsheet

  • Lead department: School of Engineering and Computer Science
  • Institute: Institute for Cybersecurity & Engineering (ICE)
  • Duration (planned): 15.04.2021 - 15.04.2022
  • Project management: Roman Hüssy
  • Head of project: Roman Hüssy
  • Project staff: Roman Hüssy
  • Keywords: cyber, cyber security, IT security, open source, threat intel

abuse.ch is a non-profit project, launched as a private initiative, which has been tackling cyber security issues for over 15 years. Its activities focus on research on botnets and malware. Since 15 April 2021, abuse.ch has had a new home at the Institute for Cybersecurity and Engineering ICE at Bern University of Applied Sciences, where it is being run as a research project. To date the project has been funded entirely from private-sector donations.

Authorities use abuse.ch data to improve national internet hygiene, for example by identifying websites used to distribute malware and rendering them harmless. Judicial authorities also benefit from abuse.ch: law enforcement agencies worldwide use abuse.ch to support their cyber-crime investigations.

Goals

  • Research: Research into malware and botnets
  • Open source threat intelligence: Provision of the findings obtained (e.g. indicators of compromise – IOCs) to the public (private sector, research organisations, police authorities and law enforcement agencies) to prevent threats

Previously successful abuse.ch initiatives (selection)

  • URLhaus: Platform providing information on websites used by cyber criminals to spread malware.
  • MalwareBazaar: Platform where IT security researchers can share information on current malware.
  • ThreatFox: Platform for the exchange of technical information on current cyber threats (indicators of compromise – IOCs).