Indicators of compromise are the key information to protect automatically users, employees in front of malware campaigns or malware operations. We follow a strict process to consume open/private feeds to create unified lists and offer them to our customers. We have valuable services internally like sandbox systems, spamtraps, honeypots technologies to collect attacks, malware samples spread in the wild and active campaigns to process them and get those indicators. To avoid false positives we delete data that belongs to bening services like cloud services, public range companies etc.. The idea behind this data process we do is avoid false positives. Do you want to get our premium feeds?

Contact us at



IOC Process

Malware Bundle

CyberIOCs offers a malware bundle classified in malware catagories.The package is classified in those catageories:

  • Ransomware
  • Financial malware
  • Downloaders
  • RATs
  • Malware targeting specific countries*

Malware Sandbox Testing Services

Nowadays is often have a sandbox to detonate malware samples collected by security devices, researchers or malware crawlers. Those sandbox environments are often wrong configured and a lot of malware samples are evading them and the company can't process those samples automatically. We spent the last years a lot of time doing research around those systems and we know to configure them, change specific settings in order to improve the malware samples detonations.

IOC Process


Threat actors and crimware families are often adding certain evasive techniques and special methods to their downloaders and droppers to avoid these types of systems and to evade the malware identification by security vendors and AV companies. If you need consultancy services around malware sandbox systems, don't hesitate in contact with us at are willing to grow your sandbox system to the next level

Free Packages

In order to contribute to the community, we offer free access to IOCs, malware samples for the community. We configured the repository with certain limitations like speed download and accesses in our files to avoid crawlers, or automatic processes. If you want to avoid those limitation and have full access don't hesitate in contact with us at

If you want to acess to our free data, click here :