Feed

Recent Updates

Posted on May 12th, 2015 in New Domains by dglosser

Added 198 domains on 5/8 and 187 domains on 5/11. Sources include joxeankoret, spamhaus, safeweb, and safebrowsing. Please update your blocklists and follow our terms of use

New Update

Posted on May 8th, 2015 in New Domains by dglosser

209 domains added (pharma spam, phishing, malspam, etc) from openphish, phishtank, spamhaus and others (All domains and sources are listed in our domains.txt file.)

* Please help to keep this site free and donate whatever you can: All donations go to hosting and infrastructure costs
* twitter page: https://twitter.com/malwaredomains

* These malware block lists provided here are for free for noncommercial use as part of the fight against malware. Any use of this list commercially is strictly prohibited without prior approval.
* Please use the “datestamp” and “timestamp” file to determine if the list has been updated and ONLY pull the files you need – abusers will be banned! Use wget -N”!
* Yearly sponsorships are available. Full acknowledgment, an icon, and link back to your site will be placed in the left sidebar.
* Domains.txt file is the complete list along with original reference. Justdomains contains list of only the domain names. BOOT file is in MS DNS format. Malwaredomains.zones file is in BIND format.
* We also have a mirror dedicated to research and Open Source Projects – please contact us for details.

Over 6500 Domains Removed

Posted on May 6th, 2015 in New Domains by dglosser

We  delisted over 6500 domains. Please update your blocklists and follow our terms of use

458 Domains Added

Posted on May 2nd, 2015 in New Domains by dglosser

Added 458 domains reported by google, joewein, openphish and other sources as malicious, fraud, spam or other badness you don’t want any browser or system connecting to.  Please update your blocklists as follow our terms of use

Over 630 domain added

Posted on May 1st, 2015 in New Domains by dglosser

Added over 630 pharma spam, fraud, phishing domains from dynamoo.com, joewein, spamhaus and others (All domains and sources are listed in our domains.txt file.)

* Please help to keep this site free and donate whatever you can: All donations go to hosting and infrastructure costs
* twitter page: https://twitter.com/malwaredomains

* These malware block lists provided here are for free for noncommercial use as part of the fight against malware. Any use of this list commercially is strictly prohibited without prior approval.
* Please use the “datestamp” and “timestamp” file to determine if the list has been updated and ONLY pull the files you need – abusers will be banned! Use wget -N”!
* Yearly sponsorships are available. Full acknowledgment, an icon, and link back to your site will be placed in the left sidebar.
* Domains.txt file is the complete list along with original reference. Justdomains contains list of only the domain names. BOOT file is in MS DNS format. Malwaredomains.zones file is in BIND format.
* We also have a mirror dedicated to research and Open Source Projects – please contact us for details.

10,955 Pushdo DGA Domains

Posted on April 28th, 2015 in New Domains by dglosser

www.fidelissecurity.com recently published a great article about pushdo.   The list of 10,955 Pushdo domains is  here.

We are always looking for DGA domains.  They probably won’t make it into our main zone files, but we’d like to collect and publish them for researchers and others who may wish to use them either in their DNS blocklist or as part of their IOC efforts

598 VBS Trojan, pharma, Andromeda, exploit domains

Posted on April 27th, 2015 in New Domains by dglosser

Added 598 vbs.trojan.downloader. script.exploit. Andromeda. Pharma Spam domains from dwm.cc, joewein, spamhaus.org and others. Please update your blocklists and follow our terms of use.

Rose Mendes

Huge Update: Over 1200 Domains (Bedep, Dyre, Phishing)

Posted on April 25th, 2015 in New Domains by dglosser

A huge update with 1219 domains added.  Many phishing domains from openphish but also some Bedep and Dyre  domains (from arbornetworks virustotal) and some  flagged by google safebrowsing. (All domains and sources are listed in our domains.txt file.)

* Please help to keep this site free and donate whatever you can: All donations go to hosting and infrastructure costs
* twitter page: https://twitter.com/malwaredomains

* These malware block lists provided here are for free for noncommercial use as part of the fight against malware. Any use of this list commercially is strictly prohibited without prior approval.
* Please use the “datestamp” and “timestamp” file to determine if the list has been updated and ONLY pull the files you need – abusers will be banned! Use wget -N”!
* Yearly sponsorships are available. Full acknowledgment, an icon, and link back to your site will be placed in the left sidebar.
* Domains.txt file is the complete list along with original reference. Justdomains contains list of only the domain names. BOOT file is in MS DNS format. Malwaredomains.zones file is in BIND format.
* We also have a mirror dedicated to research and Open Source Projects – please contact us for details.

sofacy, kins, tinba, russiandoll domains

Posted on April 21st, 2015 in New Domains by dglosser

Added 358 domains associated with sofacy, kins, tinba, russiandoll  and other badness which may be used as an IOC my monitoring your server logs. Sources include pwc.blogs.com, google safebrowsing, spamhaus and others (All domains and sources are listed in our domains.txt file.)

* Please help to keep this site free and donate whatever you can: All donations go to hosting and infrastructure costs
* twitter page: https://twitter.com/malwaredomains

* These malware block lists provided here are for free for noncommercial use as part of the fight against malware. Any use of this list commercially is strictly prohibited without prior approval.
* Please use the “datestamp” and “timestamp” file to determine if the list has been updated and ONLY pull the files you need – abusers will be banned! Use wget -N”!
* Yearly sponsorships are available. Full acknowledgment, an icon, and link back to your site will be placed in the left sidebar.
* Domains.txt file is the complete list along with original reference. Justdomains contains list of only the domain names. BOOT file is in MS DNS format. Malwaredomains.zones file is in BIND format.
* We also have a mirror dedicated to research and Open Source Projects – please contact us for details.

243 New Domains

Posted on April 19th, 2015 in New Domains by dglosser

Added 243 domains from joewein, zeustracker, cybertracker, vxvault and other sources containing domains associated with zeus, Andromeda  and other badness your browser or your users computers connecting to or from. Please update your blocklists and follow our terms of use.