The Internet Abuse Signal Collective (IASC)

The IASC is a collaborative network of organizations and experts joining forces to fight cyber threats through intelligence sharing.

We bring together diverse data sources and expertise to create a unified, data-driven view of the internet, enabling deeper insights, faster detection, and better defense against emerging threats.

2.7M+

Calls to C2 infrastructure logged in 30 days

4.1B+

IP & WiFi Signals

160+

Threat groups monitored

2.2M+

Honeypot attacked events logged in 30 days

99K+

SSID matches linked to infected devices

Who We Are

The IASC is a collaborative network built on data sharing. Each member contributes unique data — and gets access to a broader pool of intelligence than they could ever create on their own.

Our partners include:

Registrars & Registries
DNS resolvers
Internet service providers
CERTs & CSIRTs
Cybersecurity vendors
Threat intelligence teams
Industry experts

Each partner brings a different piece of the puzzle, creating a complete view of the internet. Together, we help each other identify, understand, and combat persistent and emerging cyber threats more effectively than any single organization possibly could alone.

Including partnerships such as:

What We Do

The IASC gathers, unifies, and shares data across partners so that they can use it to make the cyber world safer. Individually, each partner has only a partial view—but together, we create a more complete and accurate picture of online activity. This collective approach enables partners to detect, investigate, and mitigate cyber threats more effectively.

Threat Research

Uncovering large-scale campaigns, infrastructure, and attacker behavior by analyzing patterns across aggregated data sources.

Cyber Defense

Enabling stronger defenses by identifying indicators of compromise, adding rich context to threat events, and detecting attack patterns across the internet.

Threat Intelligence

Aggregating and enriching data from diverse sources to produce actionable intelligence on emerging threats and malicious activity.

Investigations

Supporting deeper investigations with enriched, cross-source intelligence that reveals hidden connections and accelerates analysis.

IASC News and Updates

Threat actor monitoring:

April 6, 2026 Asset Discovery, Attribution, and the Shift Toward Exposure and Risk Management in Modern Security Programs

A conversation with Jeff Foley, Amass leader and Senior Advisor for External Exposure Research, Internet Abuse Signal Collective

February 20, 2026 How Access Now Improved Incident Response for Human Rights Defenders

Access Now cuts phishing investigation time by 60% on its Digital Security Helpline using WhoisXML API's WHOIS API and MCP Server via Gemini CLI.

January 20, 2026 Turning Internet Abuse Signals into Coordinated Action in LAC

An interview with Gonzalo Romero on Internet abuse coordination, governance, and strengthening digital trust across Latin America and the Caribbean.

December 10, 2025 WhoisXML API Joins DEATHCon 2025

Alex Ronquillo and Ed Gibbs joined hundreds of detection engineering experts at DEATHCon 2025. Here’s a recap of the event’s major themes.

November 25, 2025 WhoisXML API Participates in the FIRST 2025 Technical Colloquium

WhoisXML API’s Ed Gibbs participated in the FIRST’s Mexico City Technical Colloquium and spoke about modern threat hunting using DNS and NetFlow telemetry.

July 14, 2025 Locating Missing Children through Collaboration

Learn how the National Child Protection Task Force (NCPTF) found 25 missing children in a multi-organizational operation that included WhoisXML API.

June 19, 2025 Darksight Analytics Improves Attribution in an Investment Fraud Investigation

Learn how WhoisXML API helped a Darksight Analytics investigator analyze a network of invoice factories involved in a fraud scheme.

May 29, 2025 WhoisXML API Is Now a Global Signal Exchange (GSE) Partner

WhoisXML API has joined the Global Signal Exchange (GSE) community to empower anti-fraud professionals with predictive threat intelligence.

March 26, 2025 WhoisXML API Attends the ICANN82 Community Forum

WhoisXML API attended ICANN82 to engage in key cross-community talks and gain insights from the event's major sessions and leaders.

May 20, 2022 WhoisXML API Presents Global DNS Trends at Europol

WhoisXML API shows how leveraging a satellite view of the global DNS can help identify, expand, and contextualize potential counterfeit domains. Read the report now.

October 25, 2021 Webinar | Investigating Misinformation: Analyze Iranian-Owned Domains Using WhoisXML API

In this webinar, WhoisXML API and Maltego experts will take a deeper look into these websites and connections between them using the capabilities of Maltego and historical WHOIS data from WhoisXML API.

October 19, 2020 GeoGuard and WhoisXML API Partnership: The Dark Side of VPN Use Explored

The research aimed to detect malicious IP addresses in IP blocks associated with VPN usage. The findings could serve as a warning to both cloud users and service providers.

Work With Us

The IASC welcomes new partners and data contributions. Share your data — and get access to unique internet intelligence in return.

Domain names

Domain history

GeoSpatial IP Intelligence

WiFi Intelligence

Global honeypot threat intelligence

DNS & NetFlow traffic flows

Command & control attack infrastructure

Malware infrastructure

Phishing attack infrastructure

Malvertising & spam websites

Credential harvesting page paths

Domain, IP, URL IoCs

DNS History

IP addresses

Email addresses

Registrants

Brands

Corporate firmographic data

IASC Welcomes New Partners

Data exchange

Contribute your organization’s unique data and gain access to the broader IASC intelligence pool. By combining datasets across partners, this model creates a richer, more complete view of internet activity — benefiting all participants through shared visibility and insights.

Research contribution

Use IASC data to support cybersecurity research, investigations, or publications. If IASC data can support your research, we encourage you to reach out and explore collaboration opportunities.

Data access

Access IASC data to enhance your security, research, or product capabilities. If your ability to contribute data is limited, flexible arrangements can be explored — reach out to discuss how IASC data can support your needs while aligning with the collective’s mission.

Media Coverage

The Hacker News Wormable XMRig Campaign Uses BYOVD Exploit and Time-Based Logic Bomb

Dark Reading Attackers Use New Tool to Scan for React2Shell Exposure

BankInfoSecurity Nation-State and Cybercrime Exploits Tied to React2Shell

Cyber Security News ILOVEPOOP Toolkit Exploiting React2Shell Vulnerability to Deploy Malicious Payload

OSINord The Mystery of Nadia Marcinko: Epstein’s Alleged Right Hand and Her Digital Trail

GBHackers React2Shell Vulnerability Exploited in the Wild, Analysts Warn

News.QQ.com 蠕虫式XMRig挖矿活动使用BYOVD漏洞利用和基于时间的逻辑炸弹

SecurityAffairs Wormable XMRig campaign leverages BYOVD and timed kill switch for stealth

RedHotCyber State-Sponsored “ILovePoop” Toolkit Targets Global Giants via React2Shell Vulnerability

Sina.com.cn 蠕虫式XMRig挖矿活动使用BYOVD漏洞利用和基于时间的逻辑炸弹

MalwareTips Attackers Use New Tool to Scan for React2Shell Exposure

Frequently Asked Questions

The Internet Abuse Signal Collective, or the IASC is a data-sharing collaborative network led by WhoisXML API that brings together organizations to exchange internet telemetry and threat intelligence.

Its goal is to combine data from multiple sources to get a clearer, more complete view of internet activity and use that to detect, investigate, and mitigate cyber threats more effectively than any single organization could on its own.

The IASC operates by collecting and correlating data contributed by its partners. Each participant shares unique data and, in return, gains access to a broader pool of intelligence. The scope of access depends on the level and value of contribution, creating a collaborative data exchange that benefits all members.

Organizations across commercial, government, and non-commercial sectors can apply to become an IASC partner as long as it has relevant data, expertise, or capabilities to contribute. The IASC is built on mutual collaboration — partners share what they can and gain access to a wider range of intelligence in return. IASC also welcomes individual contributors.

Partners can contribute a wide range of internet and threat-related data. It includes:

domain and IP intelligence
DNS and network traffic
malware and phishing infrastructure
spam signals
Indicators of compromise
honeypot data
geolocation insights

And more. Essentially, it could be any data that helps build a clearer picture of the global online activity and threats.

Yes. The goal of the IASC is to enable data sharing so that each individual partner can do more with the help of IASC data than without it. Partners are encouraged to use IASC data to strengthen their own security, conduct research, and enhance cybersecurity products or operations. All data must be used responsibly and for legitimate purposes aligned with combating cyber threats under established IASC guidelines.

Partners gain access to a diverse and enriched pool of data that goes beyond what any single organization can collect on its own. The level of access is flexible and generally scales with contribution. To align data sharing and access with your organization’s goals, IASC representatives work directly with partners to define the best collaboration model.

Yes. The IASC welcomes research groups and independent researchers. If you are interested in contributing or using IASC data for research, you can reach out to explore collaboration opportunities.

Trusted by
the smartest
companies

Have questions?

We are here to listen. For a quick response, please select your request type. By submitting a request, you agree to our Terms of Service and Privacy Policy.

First Name*

Last Name*

Business Email*

Request type*