About Tapetum Labs
Most crime online runs on infrastructure: the phishing kits, command-and-control servers, loaders, and adversary-in-the-middle platforms that turn one criminal's idea into millions of victims. It hides in plain sight, and most of it is never looked at closely.
Tapetum Labs looks. We do independent, original research into the infrastructure behind commodity crimeware, tracking it, fingerprinting it, reverse-engineering it, and turning what we find into intelligence you can actually use: fresh indicators, tracking rules, detections, and hunts.
The name comes from the tapetum lucidum, the reflective layer that lets nocturnal animals see in the dark. That's the idea: night vision for the corner of the threat landscape everyone else walks past.
Our research is published in the open, because good intelligence should reach the people who need it, not sit behind a six-figure enterprise contract. Subscribe to get every teardown as it drops, and to be first in line when the tracking feed opens.
Tapetum Labs is the work of an independent security researcher who spent years in security operations, threat intelligence, detection engineering, and malware analysis.