Spamhaus DROP lists are essential tools in the fight against IP hijacking. These lists consist of IP addresses exploited by organizations for malicious purposes, such as distributing malware, controlling botnets, or executing other forms of cybercrime. The service enables IPv4 address owners to report their hijacked IPs, effectively preventing these bad actors from announcing their presence in BGP.
Provided free of charge by the Spamhaus Project, the Don’t Route or Peer Protection List is designed to enhance internet security. As part of the
Spamhaus Blocklist (SBL), DROP lists safeguard all internet protocols, including web traffic. Tailored for Tier-1 and backbone providers, these lists filter out malicious traffic through advanced firewalls and routing equipment.
Thorough investigations and forensic analyses confirm control by cybercrime groups or “bulletproof” hosting providers before IP address subnets are added to the DROP lists. With the depletion of IPv4 addresses, assignments have become increasingly dynamic, often overseen by trusted facilitators like Brander Group. Cybercriminals frequently alter ASNs and corporate identities to evade detection, necessitating daily updates to DROP lists to monitor these evasive IP hijacking tactics.