Feed

sql injection, htaccess, maliciousjs domains

Posted on May 13th, 2012 in New Domains by dglosser

Added domains associated with htaccess redirection, sql injection, iframes, etc. Please update your blocklists/sinkhole and follow our Terms of Use.

Reminder: the main site does not contain any zone files. Only download files from one our our download mirrors.

Domain Delistings

Posted on May 9th, 2012 in Removed Domains by dglosser

over 1559 domains were revaluated, 1507 were removed, 30 were added to our “immortal” domain list.

The list of the removed domains can be found here: http://mirror1.malwaredomains.com/files/removed-domains-20120507.txt

The list of “the immortals” can be found here: http://mirror1.malwaredomains.com/files/immortal_domains.txt
Also, northcities.org has been delisted and will be removed on the next update.

Exploit Domains, iframes, malvertising

Posted on May 6th, 2012 in BH Exploit Kit,exploit,iframes,malvertising,New Domains,zeus by dglosser

Added over 140 domains associated with exploits, malvertising, ransom/rogues, and of course zeus, etc. Sources:www.mwis.ru, vxvault.siri-urz.net, vxvault.siri-urz.net (all sources are listed in our domain.txt file.)

Compressed files are located at: http://www.malware-domains.com (full zone files, note the dash)  and http://dns-bh.sagadc.org/.  We also have a mirror dedicated to research and Open Source Projects – contact us for details. NO ZONE FILES ARE LOCATED ON THIS SITE.

* Please help to keep this site free and donate whatever you can:  All donations go to hosting and infrastructure costs.
* These malware block lists provided here are for free for noncommercial use as part of the fight against malware.   Any use of this list commercially is strictly prohibited without prior approval.
* Please use the “datestamp” and “timestamp” file to determine if the list has been updated and ONLY pull the files you need – abusers will be banned! Use wget -N”!
* Yearly sponsorships are available. Full acknowledgment, an icon, and link back to your site will be placed in the left sidebar.
* Domains.txt file is the complete list along with original reference. Justdomains contains list of only the domain names. BOOT file is in MS DNS format. Malwaredomains.zones file is in BIND format.  Also Available in AdBlock, ISA, and MaraDNS formats. A trusted source on the WOT-the Web of Trust . Used by SURBL, MOREnet, SANs, and others…

bhexploitkit, htaccess, iframes, trojans…

Posted on May 4th, 2012 in iframes,New Domains,rogue antivirus,Trojans by dglosser

Added 11o domains associated with htaccess redirects, malicious iframes, trojans, etc. sources include www.malwaredomainlist.com, safebrowsing.clients.google.com, jsunpack.jeek.org Please update your blocklists/sinkhole  and follow  our Terms of Use.

Reminder: the main site does not contain any zone files. Only download files from one our our download mirrors.

Site Delistings

Posted on May 2nd, 2012 in Removed Domains by dglosser

radioinkconvergence.com, thespiritualguides.com, careconnectbyesco.com,  thespiritualguides.com have been delisted and will be removed on the next update

Site Delisting: kollshi.com

Posted on April 30th, 2012 in Removed Domains by dglosser

kollshi.com has been delisted and will be removed on the next update

malvertising,malicious js, bugat domains

Posted on April 29th, 2012 in New Domains by dglosser

Added 137 domains associated with google safebrowsing, malvertising, malicious javascript, etc. Sources include exposure.iseclab.org, safebrowsing.clients.google.com, stopmalvertising.com and others (all sources are listed in our domain.txt file.)

Compressed files are located at: http://www.malware-domains.com (full zone files, note the dash)  and http://dns-bh.sagadc.org/.  We also have a mirror dedicated to research and Open Source Projects – contact us for details.

* Please help to keep this site free and donate whatever you can:  All donations go to hosting and infrastructure costs.
* These malware block lists provided here are for free for noncommercial use as part of the fight against malware.   Any use of this list commercially is strictly prohibited without prior approval.
* Please use the “datestamp” and “timestamp” file to determine if the list has been updated and ONLY pull the files you need – abusers will be banned! Use wget -N”!
* Yearly sponsorships are available. Full acknowledgment, an icon, and link back to your site will be placed in the left sidebar.
* Domains.txt file is the complete list along with original reference. Justdomains contains list of only the domain names. BOOT file is in MS DNS format. Malwaredomains.zones file is in BIND format.  Also Available in AdBlock, ISA, and MaraDNS formats. A trusted source on the WOT-the Web of Trust . Used by SURBL, MOREnet, SANs, and others…

sqli: Block Njukol -dot – com

Posted on April 29th, 2012 in 0day,iframes,New Domains,sql injection by dglosser

We received a report that there’s  a sqli injection going on with  njukol . com/ r.php.  Please check your web sites and add this to your block or shun list.      Original Source: http://ilion.blog47.fc2.com/

Check your download scripts ASAP

Posted on April 29th, 2012 in Domain News,mirror by dglosser

Check your download scripts ASAP….

Too many users are STILL pointing to the main www site for the zone files, which have not been here for MONTHS…

PLEASE update your scripts to pull from one of the download mirrors. DO NOT point to the www (blog) site  as there is nothing to download.

 

Small Update – 4/27

Posted on April 28th, 2012 in malvertising,New Domains,Trojans,zeus by dglosser

Had server issues on the blog site so this is a few days late..  Added a couple of dozen malvertising, zeus, palevo and other harmful domains on 4/27.

Too many users are STILL pointing to the main (blog) site for the zone files and are causing server issues…

PLEASE update your scripts to pull from one of the download mirrors or your site will be BANNED

 

 

 

Next Page »