Feed

Another large update – 187 domains

Posted on November 28th, 2012 in koobface,New Domains by dglosser

Add 187 exploit kit, malicious, koobface domains originally listed on ddanchev.blogspot.com, www.avgthreatlabs.com, www.dshield.org and other sources (all sources are listed in our domains.txt file.)

* Please help to keep this site free and donate whatever you can:  All donations go to hosting and infrastructure costs.
* These malware block lists provided here are for free for noncommercial use as part of the fight against malware.   Any use of this list commercially is strictly prohibited without prior approval.
* Please use the “datestamp” and “timestamp” file to determine if the list has been updated and ONLY pull the files you need – abusers will be bannedUse wget -N”!
* Yearly sponsorships are available. Full acknowledgment, an icon, and link back to your site will be placed in the left sidebar.
* Domains.txt file is the complete list along with original reference. Justdomains contains list of only the domain names. BOOT file is in MS DNS format. Malwaredomains.zones file is in BIND format.  Also Available in AdBlock, ISA, and MaraDNS formats. A trusted source on the WOT-the Web of Trust . Used by SURBL, MOREnet, SANs, and others…

We also have a mirror dedicated to research and Open Source Projects – please contact us for details.

NO ZONE FILES ARE LOCATED ON THIS SITE.  Users  and ip addresses which repeatedly attempt to download zone files directly from this site will be banned from all downloads.

RBN, Rogue, koobface domains

Posted on May 25th, 2011 in koobface,New Domains,RBN,rogue antivirus by dglosser

330 domains associated with RBN, rogue/fake AV and other maliciousness were added. Sources include emergingthreats.net, securehomenetworks.blogspot.com (Every source is  listed in the domains.txt file):

afiveless .com americanpoloavs .com
aievb .com analyticgoogle .net
antispyst .com avsblcamericanstatecan .com
antispyst .net avsblcksplayoffs .com
avblckscan .com avsdixieland .com
aveesca .co .cc avsgreenscangroup .com
avgreenscan .com avsgreenscaninc .com
avkok .com avsgreenscanonline .com
avkokxp .com avsgreenspassword .com
avless .com avslessgroup .com
avoffxp .com avsoffxpgroup .com
avoops .com avsoffxpinning .com
avs-jazz .com avsoffxponline .com
avs-jive .com avsxpoffgroup .com
avs-music .com avsxpoffonline .com
avs-swing .com basydiduwahaw .com
avsa-daisy .com beachpoloavs .com
avsblckscan .com betakywaxekof .com
avsbluescan .com bigoxefyfaluh .com
avsdon .com bipakypusiby .com
avsgo .com bozygawunefi .com
avsgreencan .com bucoqypynynej .com
avskok .com cajikohinele .com
avskokepub .com cheappoloavs .com
avsless .com computerplaces .info
avslessinc .com cuneqyqetyroj .com
avslessnail .com custompoloavs .com
avsll .com cynyhafyzetov .com
avsllgroup .com dadesignlive .com
avsoffxp .com deletevsgreenscan .com
avssorry .com diwamajucovy .com
avsxpoff .com dytebyhekaqa .com
avxpoff .com eyeavsexamine .com
babisotot .com eyeavsscanonline .com
bakubuniho .com eyeavstaylor .com
baxivenom .com eyereaderavs .com
betavs .com eyereaderavsxp .com
betavsgroup .com eyescannerav .com
bikepoloavs .com eyescanneravs .com
blowavs .com eyescanneravsgroup .com
bnetns .ru eyescanneravxp .com
boxisosypi .com fifotojylahe .com
bytypupecex .com filteringlavs .com
cacirowec .com fohohovugoredo .com
cagolasevaj .com gasavsonline .com
califepro .com gavorydigejizy .com
capurasaf .com gilebifabusexa .com
cilybodyd .com giwomylywokof .com
cudokopipi .com globalpoloavs .com
cygogonabeq .com hawaiipoloavs .com
danoduc .wo .tc hebypudukotih .com
dihisalyh .com inningavsxpoff .com
dowemawema .com inningvsoffxp .com
eacvb .com jojevijehajyx .com
eievb .com jywujodocivine .com
eonvb .com kilumixefiki .com
epubvskok .com lakersscanneravs .com
eyeabscan .com lessavsonline .com
eyeavscan .com llanorthwestern .com
eyeavsscan .com logapacquiao .com
eyeavssee .com logavsonline .com
fakovuhuju .com lutheranantivirxp .com
foqadobyve .com lutherantivirxp .com
fyhykubux .com lysocoharogyg .com
gasavs .com lywicoxyvuby .com
gasavsgroup .com m00vable-fiesta .com
gasicekymas .com myavsblckscan .com
geduhijykes .com myavsgreenscan .com
gidewuboler .com myeyeavsscan .com
gilodivere .com myeyescanneravs .com
goinprivate .com mywinantivirusxp .com
h3456345 .cn nabubymepicizu .com
hifoqaxinaj .com newavsblckscan .com
hupnb .com newavsgreenscan .com
jocusacegir .com newavspridewin .com
jukecoruvut .com neweyeavsscan .com
kesykijigut .com neweyescanneravs .com
kyqegovujug .com nodihykyhopyz .com
lessavs .com nupecehededave .com
lessavsinc .com pacquiaologavs .com
lettervs .com passportantivirusxp .com
lidvb .com passwordavsgreenscan .com
llavsonline .com passwordvsgreenscan .com
logafive .com pipugodupexug .com
logav .com playoffsvsblckscan .com
logavs .com poreavsgroup .com
logavsgroup .com poreavsonline .com
logavsmanny .com premiumantivirusfreescan .com
loseavs .com premiumfreescan .com
luqotazih .com pulirutugeqaf .com
mannyavs .com punanufawenyk .com
mannybetavs .com qikawykytapysy .com
mavsloidol .com qixaxyrujuqici .com
mecaqyvupi .com qukocacilogoti .com
mezibehab .com qyfimeluxeqok .com
mufobapix .com recabikixyse .com
myavsboom .com rinepigelowot .com
myavsdam .com rugabujotidil .com
myavsoffxp .com ruvahekamefan .com
myavsxpoff .com seiningcarno .co .cc
mybetavs .com sixihyqecyfuku .com
mygasavs .com snailessavs .com
mygolavs .com sonycojaqowik .com
myllavs .com syfurojoxereku .com
mylogavs .com tayloravsscan .com
myporeavs .com tedowuveqakej .com
mywinavs .com theantivscanfree .com
ncaaavs .com theavsblckscan .com
newavsboom .com theavsgreenscan .com
newavsdam .com theavsoffxp .com
newavsll .com theavspridewin .com
newavsoffxp .com theavsxpoff .com
newavsxpoff .com theeyeavsscan .com
newbetavs .com thewinantivirxp .com
newgasavs .com tinocusebawu .com
newgolavs .com tsunepspatiz .co .cc
newlessavs .com tumevamusytoc .com
newllavs .com turezidejuzok .com
newlogavs .com tutupeqyrar .com
newporeavs .com tycalinumijotu .com
newwinavs .com tytunajilac .com
nihedimes .com vadyrokufubu .com
nupnb .com vefyqylepahuga .com
oilavs .com vekoxarotucev .com
owavb .com vepizujefewa .com
piavb .com video-playerpro .com
polossavs .com vikitarurepuq .com
poqacelufeq .com viraltraffic-guide .com
poreafigure .com virustest01 .cz .cc
poreav .com vivasidasaves .com
potasajic .com voice-ip-download .com
puvepydilaj .com voip-2010-download .com
qatijoxuna .com voip-2010-new-download .com
qovukezur .com voip-2011-version .com
ranamujesu .com voip-access-now .com
rhpavsxpoff .com voip-new-online-download .com
rhpvsxpoff .com voip-official-download .com
ronadosim .com vovyjaryguwu .com
rsravs .com vywobohexinipa .com
salysymyp .com waginujiwoha .com
savicypacy .com watch-football-tv-live .com
seekartists .com watch-hd-movies-online .com
semuvajako .com watch-hockey-online .net
sobudajib .com watch-hockeyonline .com
taxhiking .com watch-live-2010-football .com
theavsboom .com watch-online-basketball .com
theavsdam .com watch-online-boxing .com
thebetavs .com watch-sports-network .com
thegasavs .com watch-superbowl-online .com
thegolavs .com watch-ufc-live .com
thelessavs .com watch-ufc-online .com
thelogavs .com watchonline-football .com
togizypad .com website-support .ru
tuwifotiju .com wedytatuxug .com
vehepumac .com wenomepodipiby .com
virafix .com wiqesidavevod .com
vkodewol .cn wirybidyzufij .com
vsefurug .cn xeruraxagum .com
vtuyocew .cn xifuzakotyk .com
wetyotix .cn ximeqeteporaco .com
wihoraqite .com xisohyrydily .com
wupnb .com xynixucujeduru .com
xajizukoxo .com zizudadidura .com
yupbn .com zizyhaqizod .com
zyejanag .cn zymaqamusowibu .com
Please help to keep this site free and donate whatever you can:  All donations go to hosting and infrastructure costs.

This malware block lists provided here are for free for noncommercial use as part of the fight against malware. Any use of this list commercially is strictly prohibited without prior approval.

Yearly sponsorships are available. Full acknowledgment, an icon, and link back to your site will be placed in the left sidebar.

Domains.txt file is the complete list along with original reference.
Justdomains contains list of only the domain names.

Please download files from main mirror: http://mirror1.malwaredomains.com/files/

BOOT file is in MS DNS format. spywaredomains.zones file is in BIND format.

Also Available in AdBlock, ISA, and MaraDNS formats.

A trusted source on the WOT-the Web of Trust . Used by SURBL, MOREnet, SANs, and others…

Important update — koobface, exploit domains

Posted on July 15th, 2010 in 0day,exploit,koobface,New Domains by dglosser

source include isc.sans.org, ddanchev.blogspot.com,x.maldb.com, blog.unmaskparasites.com:

abrie .in oserr .in
agros .in osmac .in
alldh .in ospor .in
alodh .in ossce .in
anrio .in ossio .in
antsd .in ostab .in
aoxtv .in ostac .in
appsd .in ostio .in
aquui .in ostom .in
arrie .in ouned .in
balsd .in purnv .in
barui .in pxdmx .in
bikey .in ragew .in
bkpuo .in rekey .in
bleui .in saled .in
brayx .in sated .in
broyx .in scoos .in
bryhw .in sdali .in
butui .in sdall .in
butuo .in sdayb .in
butyx .in sdaye .in
cated .in sdayo .in
cedhw .in sdene .in
chrie .in sdich .in
chrio .in sdome .in
cirui .in seedw .in
clrio .in smoed .in
cogoo .in soted .in
conuo .in spios .in
conyx .in spkey .in
corie .in sunyx .in
curie .in sydos .in
cusnv .in teaed .in
czkey .in thynv .in
degoo .in ugiyx .in
dennv .in uinei .in
dugoo .in uinge .in
eagoo .in uiren .in
eboyx .in uirin .in
ecrio .in uisap .in
ectuo .in uisee .in
edbal .in uisma .in
edban .in uitem .in
ederc .in uithi .in
ederm .in uityp .in
edger .in uityr .in
edimp .in varyx .in
edois .in veged .in
elrio .in wakey .in
enguo .in whasd .in
eprio .in wimed .in
eqrio .in woonv .in
fakey .in yokey .in
fibnv .in yxial .in
foryx .in yxiam .in
franv .in allxt .com
fraos .in stteop .in
garie .in coparli .com
glouo .in gutyeaz .com
guinv .in hitinto .com
habsd .in pantscow .ru
hecuo .in bizenable .com
hekey .in dyayxsgsv .net
humos .in ktkelzrwqgq .com
hygos .in s3xme1fucan .com
hyrie .in myantivirsplus .org
imbos .in my-antivirsplus .org
ionnv .in rooty .crabdance .com
jamsd .in my-protectonline .org
kykey .in sysprotectonline .org
latuo .in my-antivirus-plus .org
leunv .in my-protect-online .org
linuo .in sys-protectonline .org
liuyx .in fastscanner-online .org
makey .in ilio01ili1 .comappsd .in
moosd .in sandra .prichaonica .com

gumblar, koobface, and other nasty domains

Posted on July 14th, 2010 in gumblar,koobface,New Domains,Trojans by dglosser

Sources include support.clean-mx.de, safeweb.norton.com,blog.unmaskparasites.com, ddanchev.blogspot.com:

gpgp .ws 4info-tools .com
gsv1 .de anvietmedia .com
rks1 .de bangkokfood .com
brusd .in bmplaces .msk .ru
mn2x .com fastradotop .com
naty .org sub .downs .co .kr
nvild .in amriflooring .com
volnv .in apadanagroups .ir
analys .ru bcs-construct .be
avj .co .in musitalentos .com
mbu .ac .th nuklearartist .de
ses99s .cn pds18 .egloos .com
angelas .in averiwarefree .com
bestway .cz bharticouncil .com
blschd .com scrapper-site .net
bookav .net smarttrain .edu .vn
euracom .de video-codec .co .tv
sitasa .com assiouty-group .com
bobscopy .ca bellsdirectory .com
so2alak .com usa-horse-club .org
ttqipai .com aliss .al .funpic .org
anujinfo .com artalepwellness .com
assurline .fr barista-italiano .nl
dong69 .co .kr vot-takie-pirogi .in
kungfu .co .il cams2010 .unlugar .com
lokexawan .cn free-best-movies .com
novostar .com polotele .fileave .com
blackcreekstudios .com
video1you .in gokartsvordirekt .info
zhajinhua .cc ankaragunesnakliyat .com
20iamback .com 0checkingyourtraffic .com
atelieray .com 10checkingyourtraffic .com
bantontan .com 20checkingyourtraffic .com
flvdirect .com 30checkingyourtraffic .com
hiphop .web .id 40checkingyourtraffic .com
masconazo .com 60checkingyourtraffic .com
noplumber .com 70checkingyourtraffic .com
prehastven .in 80checkingyourtraffic .com
tc2000 .com .ar 90checkingyourtraffic .com
areasdm .com .ar clientconfig .passport .net
arekosicki .com themasterscourtestate .com
bellsworld .com thetriumphantministry .com
bestinporn .com suelenmodas .web47 .f1 .k8 .com .br
bestlavori .com yourgooglesuperanalytics .co .cc
The malware block lists provided here are for free for noncommercial use as part of the fight against malware.

Please help to keep this site free and donate whatever you can. All donations go to hosting and infrastructure costs.

Also, yearly sponsorships are available. Full acknowledgment, an icon, and link back to your site will be placed in the left sidebar.

Domains.txt file is the complete list along with original reference.
Justdomains contains list of only the domain names.
Updates are located at http://www.malwaredomains.com/updates or one of the mirrors

The full files are located at: http://www.malwaredomains.com/files or one of the mirrors
Primary Mirror: http://mirror1.malwaredomains.com/files
BOOT file is in MS DNS format. spywaredomains.zones file is in BIND format.

Also Available in AdBlock, ISA, and MaraDNS formats.

A trusted source on the WOT-the Web of Trust . Used by SURBL, MOREnet, and others…

May 23 Update: koobface,fastflux,zbot,zeus domains

Posted on May 23rd, 2010 in exploit,fastflux,koobface,New Domains,Trojans,zeus,zlob by dglosser

Over 250 new domains associated with zbot, zeus,torpig,neosploit, koobface and other maliciousness. Sources include ddanchev.blogspot.com, atlas.arbor.net/summary/fastflux, www.malc0de.com, zeustracker.abuse.ch:

jjll .ru cribrejist .kz
ijll .ru habibaksa .net
n9uo .com hesneclimi .ru
v3p2 .com hulejsoops .ru
b1xs .com img4453945 .com
irnis .net kh76t .3322 .org
notkey .ru magic-dieta .ru
u678 .info medicinada .com
zipbin .ru nonstopsen .com
123m .info nyfrizymiq .net
illmap .ru petquestion .ru
ledorga .fr powerbarrel .ru
missgin .ru radicalgirl .ru
nearzit .ru redspinster .ru
nettps .net sleepydream .ru
noknack .ru southernpeg .ru
nothill .ru tameconcert .ru
oddbabe .ru tenthprofit .ru
petlips .ru torncurrent .ru
petwife .ru updt334221 .com
radtune .ru validbanner .ru
rareelf .ru av-special .net
tapclip .ru dating-spot .ru
tornmum .ru haveitornot .ru
usetune .ru kghxpwukvif .com
void99 .com like-me-web .com
evilpal .ru mabhkkemvif .com
freeipg .ru mamapapalol .com
kettych .com mondaybubble .ru
lazyloss .ru netgomarket .com
lessjazz .ru obele-chuka .com
lostdeed .ru ohjeugbomlc .com
lovemine .ru oldpresident .ru
mildroom .ru relaxedgrape .ru
miniarms .ru siliconemist .ru
nosypipe .ru skepticalpub .ru
onebeard .ru springarctic .ru
ourriver .ru tenderavatar .ru
pangreed .ru terminalpoem .ru
pinkhack .ru trendsecure .com
radjoker .ru valuablemind .ru
richsign .ru wtopcompany .biz
rmtiw324 .ru xee1aeph2aay .kz
roundpad .ru 1gb-scanner .com
saltysky .ru 2gb-scanner .com
sparemat .ru 2mb-scanner .com
spotsnow .ru 3gb-scanner .com
suavepad .ru 3mb-scanner .com
surechip .ru 4gb-scanner .com
tartshow .ru 4mb-scanner .com
tastysea .ru 5gb-scanner .com
vasttune .ru 5mb-scanner .com
wantdive .ru 6mb-scanner .com
westlips .ru deewaek4heeh .kz
yoursoap .ru fialfyjfvif .com
zerovir .com holasionweb .com
dieta-24 .ru kakleglo2335 .com
hypoload .in novascanner4 .com
indypages .ru red-xxx-tube .net
innerduck .ru shiftupdate .info
juicyfile .ru stellarshower .ru
latevenom .ru ziniomags .com .cn
leakymaid .ru 12netantispy .com
lightword .ru 13netantispy .com
macroarea .ru 14netantispy .com
micmarket .ru 16netantispy .com
microdoor .ru 1anetantispy .com
ministate .ru 1bnetantispy .com
modelprod .ru 2web-antispy .com
mushylion .ru 3web-antispy .com
needtempt .ru 4web-antispy .com
noislant .com 5web-antispy .com
onewinter .ru 6web-antispy .com
pearlpole .ru fastsearch .cz .cc
petsample .ru gaihooxaefap .com
prickheal .ru gigapayfosus .com
priorface .ru ielaithereej .com
rarephone .ru k2onlinesatis .com
rattyduck .ru nethabercilik .com
rawshower .ru politicalpoets .ru
redwriter .ru 1webantivirus .com
robot114 .com 2webantivirus .com
romantube .ru 3webantivirus .com
roundgain .ru 4webantivirus .com
roundhour .ru 5webantivirus .com
roundroad .ru awebantivirus .com
s1system .com awindows-scan .com
scaryloss .ru cwebantivirus .com
secretaxe .ru dwebantivirus .com
shinyrock .ru ewebantivirus .com
shortfeet .ru fivefingers31 .org
slickfilm .ru oldcarsforrent .com
smallbars .ru shiftsoftware .info
softstage .ru ultimatecomfort .ru
soggyzero .ru webpregnantget .com
soreentry .ru 1gig-antivirus .com
soundrisk .ru 20gb-antivirus .com
spellload .ru 2gig-antivirus .com
spicyyear .ru 30gb-antivirus .com
stuckdate .ru 3gig-antivirus .com
stuffstep .ru 40gb-antivirus .com
tangystar .ru 4gig-antivirus .com
telechart .ru 50gb-antivirus .com
validfolk .ru 5gig-antivirus .com
vastdiary .ru 60gb-antivirus .com
videohubb .in bprotectsystem .com
weakimage .ru drugs-prostore .com
wearyyear .ru getdrugs-store .com
worstfuel .ru mypc-services10 .com
wutrinfe .com phpgrinchalina5 .com
yourmoose .ru 8my-antispyware .com
comandav .com navigationquebec .com
iomegaone .com 0web-antispyware .com
labelstare .ru 3web-antispyware .com
lunchscone .ru 7web-antispyware .com
mondayring .ru aweb-antispyware .com
priorsmell .ru img410 .imageshacks .in
roundmaker .ru smartsupersecurity .com
saltyriver .ru webguardyourpc-33p .net
sparechief .ru englishbusinessok .info
spicyledge .ru rs358l32 .rapidshare .com
stallshare .ru securityinternacces .com
subroyalty .ru gestionmunicipal .org .py
tightspace .ru ownload-hosting-free .biz
urbandream .ru 1zabslwvn538n4i5tcjl .com
vastinsect .ru chakra .master-networking .net
vastobject .ru haijeihefoobeekahkohweto .com
wovenshelf .ru