Feed

False positive on login.yahoo.com

Posted on June 21st, 2017 in New Domains by ndunker

On June 19th, a well-known anti-phishing partner listed a URL which was legitimately part of Yahoo, in error. We promptly removed the listing from our own database as soon as we noticed it. We have several automated processes that should have stopped this from happening at all. We’ve updated those processes and are currently reviewing them for further improvements to reduce the likelihood of major false positives of this nature.

Third parties that aggregate and report on our feeds should have already cleared the Yahoo URL, though certain website privacy plugins appear to be using third-party data that hasn’t updated yet. We remain committed to providing a high-integrity data feed, and apologize for any inconvenience caused.

Trouble with one of our mirrors

Posted on June 7th, 2017 in mirror by Adam Shinn

mirror2.malwaredomains.com is currently offline. Please use one of our other mirrors while we work to bring this mirror back online. A full list of our mirrors can be found here: Mirrors.

Thank you for using Malware Domains.

New Mirror Available

Posted on March 29th, 2017 in mirror by Adam Shinn

Utah State University has offered to mirror our list. This mirror has HTTPS support and can be found here (https://malwaredomains.usu.edu/), as well as on our mirrors page: http://www.malwaredomains.com/?page_id=29

Big thanks to Utah State University for hosting us.

Thank you for using Malware Domains.

List update/fixing inconsistencies

Posted on March 2nd, 2017 in New Domains,Removed Domains by Adam Shinn

We were notified that our justdomains and domains.txt files had some inconsistencies with the domains listed. These domains were either old entires that needed removed or had been removed from one list and not the other. Big thanks to Mike Lee for pointing this out to us.

Our current list is at 19,207 malicious domains. We have seen an increase in user submitted domains over the past month. Thanks to those who have submitted their findings.

Current List & Mirror Status

Posted on February 6th, 2017 in mirror,New Domains,Removed Domains by Adam Shinn

Our list is currently at 17,534 malicious domains. Thanks to everyone who has submitted domains to our list. If your domain is no longer malicious, please contact us at malwar1edomain3s@gm2ail.c9om for removal (remove all numbers).

Mirror 1 is fully operational again. Big thanks to all of our supporters who are hosting our list!

Thank you for using Malware Domains.

Trouble with one of our mirrors

Posted on January 9th, 2017 in New Domains by ndunker

mirror1.malwaredomains.com has been unstable over the weekend. GT500.org staff is working to migrate the site (including the mirrors graciously provided for the security community) to a new server. If you’re having trouble fetching BHDNS files, please try another mirror.

List Update, 1000+ Ransomware Domains Added In Past Month

Posted on December 21st, 2016 in New Domains,Removed Domains by Adam Shinn

Over the past month we have added 2934 domains to our list and removed 3898. 1140 of these domains contain Locky ransomware payloads. Many of these domains are compromised sites hosting the payloads unwittingly. If you are the webmaster of one of these sites, please remove the malicious content and send us an email so we can remove the domain from our list.

Also, if you find a malicious domain, please send it to malwa5redo4mains@g8mail.c9om (remove all numbers).

Thank you for using Malware Domains.

Added Ransomware Domains

Posted on November 22nd, 2016 in New Domains by Adam Shinn

We added over 100 domains to the list seen distributing ransomware. Please update to the latest list via one of our mirrors. We have also seen an increase in domains submitted by the community. Thanks to everyone who has sent in their findings.

Malware Domains

Another List Update

Posted on November 8th, 2016 in New Domains,ransomware,Removed Domains by Adam Shinn

Since our last update, we have added 3764 domains to the list and removed 6788. Locky ransomware campaigns ebbed and flowed over the past month. Newer variants of this ransomware have changed file extensions used for encrypted files.

Thanks to the community for submitting domains and helping keep the list clean.

Thank you for using Malware Domains.

List Updated

Posted on October 11th, 2016 in New Domains,Removed Domains by Adam Shinn

Since last month’s update, we have added 2085 domains to the list. We have also removed 8428 domains from the list. Many of the domains that have been added are a part of ransomware campaigns. If you find a malicious domain, please submit it to us and we will add it to the list.

Thank you for using Malware Domains.