Disable C&C server - email to registrar of malicious domain
Template for writing to the registrar of a malicious domain to disable it
I hope this email finds you well. I am [IH’s name] from Access Now’s Digital Security Helpline team - https://www.accessnow.org/help. I’m respectfully contacting you to report an incident that has been reported to us.
The IP address X.X.X.X (currently hosting domain “X.X.X”) is being used as a Command and Control server which is identified to be used by a targeted hacking attack that is infecting civil society members and compromising their devices.
We would like to bring this issue to your attention and kindly ask for you assistance to disable the server.
Thank you very much in advance for your assistance. I look forward to hearing back from you.