Feed

150+ trojan, spyeye, worm, malicious domains

Posted on March 31st, 2012 in exploit,New Domains,Spyeye,Trojans,zeus by dglosser

Added over 150 malicious domains associated with trojans, droppers, spyeye, etc. Sources include threatexpert.com, www.sophos.com, safebrowsing.google.com, exposure.iseclab.org, amada.abuse.ch (all sources are listed in our domain.txt file.)

Compressed files are located at: http://www.malware-domains.com (full zone files, note the dash)  and http://dns-bh.sagadc.org/.  We also have a mirror dedicated to research and Open Source Projects – contact us for details.

* Please help to keep this site free and donate whatever you can:  All donations go to hosting and infrastructure costs.
* These malware block lists provided here are for free for noncommercial use as part of the fight against malware.   Any use of this list commercially is strictly prohibited without prior approval.
* Please use the “datestamp” and “timestamp” file to determine if the list has been updated and ONLY pull the files you need – abusers will be banned! Use wget -N”!
* Yearly sponsorships are available. Full acknowledgment, an icon, and link back to your site will be placed in the left sidebar.
* Domains.txt file is the complete list along with original reference. Justdomains contains list of only the domain names. BOOT file is in MS DNS format. Malwaredomains.zones file is in BIND format.  Also Available in AdBlock, ISA, and MaraDNS formats. A trusted source on the WOT-the Web of Trust . Used by SURBL, MOREnet, SANs, and others…
exposure.iseclab.org/malware_domains.txt

fastflux, malicious javascript, and spyeye… oh my

Posted on February 1st, 2012 in malspam,malvertising,New Domains,rogue antivirus,Spyeye by dglosser

Added 129 domains associated with malicious javascript, spyeye, pdf exploits, etc. Sources: www3.malekal.com/pdf.txt, exposure.iseclab.org, sucuri.net and other s(every source is  listed in the domains.txt file). Please update your blocklists/sinkhole  and follow  our Terms of Use.

Jan 12 Update: 92 Domains

Posted on January 13th, 2012 in New Domains,rogue antivirus,Spyeye,Trojans by dglosser

Added 92 domains associated with Alureon Trojan, rogue/fake AV, fastflux botnet, etc. Sources include zeustracker.abuse.ch, www.spamhaus.org, www.emergingthreats.net, amada.abuse.ch/blocklist.php?download=proactivelistings

(every source is  listed in the domains.txt file)

Reminder: the mirror for compressed zip files is up and running – please contact us for details – right now it has very little usage.

Please help to keep this site free and donate whatever you can:  All donations go to hosting and infrastructure costs.

These malware block lists provided here are for free for noncommercial use as part of the fight against malware.   Any use of this list commercially is strictly prohibited without prior approval.

Please use the “datestamp” and “timestamp” file to determine if the list has been updated and ONLY pull the files you need – abusers will be banned!

Yearly sponsorships are available. Full acknowledgment, an icon, and link back to your site will be placed in the left sidebar.

Domains.txt file is the complete list along with original reference.
Justdomains contains list of only the domain names.

BOOT file is in MS DNS format. malwaredomains.zones file is in BIND format.

Also Available in AdBlock, ISA, and MaraDNS formats.

A trusted source on the WOT-the Web of Trust . Used by SURBL,

Scam, Spyeye, Exploit Domains

Posted on December 14th, 2011 in fraud,New Domains,Spyeye,Trojans,zeus by dglosser

Added almost 100 new domains associated with investment scams, exploits, etc. Sources include malc0de.com, spyeyetracker.abuse.ch, www3.malekal.com and several others (Every source is  listed in the domains.txt file)

Reminder: the mirror for compressed zip files is up and running – please contact us for details – right now it has very little usage.

Please help to keep this site free and donate whatever you can:  All donations go to hosting and infrastructure costs.

These malware block lists provided here are for free for noncommercial use as part of the fight against malware.   Any use of this list commercially is strictly prohibited without prior approval.

Please use the “datestamp” and “timestamp” file to determine if the list has been updated and ONLY pull the files you need – abusers will be banned!

Yearly sponsorships are available. Full acknowledgment, an icon, and link back to your site will be placed in the left sidebar.

Domains.txt file is the complete list along with original reference.
Justdomains contains list of only the domain names.

BOOT file is in MS DNS format. spywaredomains.zones file is in BIND format.

Also Available in AdBlock, ISA, and MaraDNS formats.

A trusted source on the WOT-the Web of Trust . Used by SURBL, MOREnet, SANs, and others…

iframe,sqli,cybercriminal domains

Posted on December 3rd, 2011 in 0day,iframes,New Domains,Spyeye,Trojans,zeus by dglosser

A small but important update containing domains associated with iframes, cybercriminals, zeus, and our friend lilupophilupop . com.   Sources include malc0de.com, safebrowsing.google.com, www.spamhaus.org (Every source is  listed in the domains.txt file)…

Reminder: the mirror for compressed zip files is up and running – please contact us for details – right now it has very little usage.

Please help to keep this site free and donate whatever you can:  All donations go to hosting and infrastructure costs.

These malware block lists provided here are for free for noncommercial use as part of the fight against malware.   Any use of this list commercially is strictly prohibited without prior approval.

Please use the “datestamp” and “timestamp” file to determine if the list has been updated and ONLY pull the files you need – abusers will be banned!

Yearly sponsorships are available. Full acknowledgment, an icon, and link back to your site will be placed in the left sidebar.

Domains.txt file is the complete list along with original reference.
Justdomains contains list of only the domain names.

BOOT file is in MS DNS format. spywaredomains.zones file is in BIND format.

Also Available in AdBlock, ISA, and MaraDNS formats.

A trusted source on the WOT-the Web of Trust . Used by SURBL, MOREnet, SANs, and others…

Black Hole, Cridex, Drivebys, Trojan Domains

Posted on November 24th, 2011 in Spyeye,Trojans by dglosser

Add domains associated with Cridex, trojans, drive-bys. malicious javascript and more. Sources include www.securityhome.eu, www.spamhaus.org, malc0de.com

Every source is  listed in the domains.txt file)…

Remember, the mirror for compressed zip files is up and running – please contact us for details – right now it has very little usage.

Please help to keep this site free and donate whatever you can:  All donations go to hosting and infrastructure costs.

These malware block lists provided here are for free for noncommercial use as part of the fight against malware.   Any use of this list commercially is strictly prohibited without prior approval.

Please use the “datestamp” and “timestamp” file to determine if the list has been updated and ONLY pull the files you need – abusers will be banned!

Yearly sponsorships are available. Full acknowledgment, an icon, and link back to your site will be placed in the left sidebar.

Domains.txt file is the complete list along with original reference.
Justdomains contains list of only the domain names.

BOOT file is in MS DNS format. spywaredomains.zones file is in BIND format.

Also Available in AdBlock, ISA, and MaraDNS formats.

A trusted source on the WOT-the Web of Trust . Used by SURBL, MOREnet, SANs, and others…

Nov 2 Update: 167 Dangerous Domains

Posted on November 3rd, 2011 in iframes,malvertising,New Domains,rogue antivirus,Spyeye,Trojans,zeus by dglosser

167 malicious and Dangerous Domains associated with fake jobs, malvertising, poisonivy, nitro, trojans…

ww.malwareurl.com and others

(Every source is  listed in the domains.txt file)

Please help to keep this site free and donate whatever you can:  All donations go to hosting and infrastructure costs.

These malware block lists provided here are for free for noncommercial use as part of the fight against malware.   Any use of this list commercially is strictly prohibited without prior approval.

Please use the “datestamp” and “timestamp” file to determine if the list has been updated and ONLY pull the files you need – abusers will be banned!

Yearly sponsorships are available. Full acknowledgment, an icon, and link back to your site will be placed in the left sidebar.

Domains.txt file is the complete list along with original reference.
Justdomains contains list of only the domain names.

BOOT file is in MS DNS format. spywaredomains.zones file is in BIND format. (The mirror for compressed zip files is up and running – please contact us for details.)

Also Available in AdBlock, ISA, and MaraDNS formats.

A trusted source on the WOT-the Web of Trust . Used by SURBL, MOREnet, SANs, and others…


SQLi, Fastflux Botnet, Dirt Jumper and more

Posted on October 25th, 2011 in fastflux,New Domains,RBN,rogue antivirus,Spyeye,sql injection,zeus by dglosser

Added 210 domains associated with SQLi, Dirt Jumper, RBN, fast flux botnets and other maliciousness. Sources include blog.dynamoo.com, ddanchev.blogspot.com, www.malwareurl.com and others

(Every source is  listed in the domains.txt file)

Please help to keep this site free and donate whatever you can:  All donations go to hosting and infrastructure costs.

These malware block lists provided here are for free for noncommercial use as part of the fight against malware.   Any use of this list commercially is strictly prohibited without prior approval.

Yearly sponsorships are available. Full acknowledgment, an icon, and link back to your site will be placed in the left sidebar.

Domains.txt file is the complete list along with original reference.
Justdomains contains list of only the domain names.

BOOT file is in MS DNS format. spywaredomains.zones file is in BIND format. (The mirror for compressed zip files is up and running – please contact us for details.)

Also Available in AdBlock, ISA, and MaraDNS formats.

A trusted source on the WOT-the Web of Trust . Used by SURBL, MOREnet, SANs, and others…

Fraud, Scam, Spyeye, Zeus

Posted on September 30th, 2011 in New Domains,Spyeye,zeus by dglosser

Added 100  Fraud, Scam, Spyeye, Zeus and other malicious domains. Sources include xylibox.blogspot.com, vxvault.siri-urz.net, blog.dynamoo.com (Every source is  listed in the domains.txt file)


Please contact us regarding a dedicated mirror for compressed files…  The files will be in zip format.


Please help to keep this site free and donate whatever you can:  All donations go to hosting and infrastructure costs.

These malware block lists provided here are for free for noncommercial use as part of the fight against malware.   Any use of this list commercially is strictly prohibited without prior approval.

Yearly sponsorships are available. Full acknowledgment, an icon, and link back to your site will be placed in the left sidebar.

Domains.txt file is the complete list along with original reference.
Justdomains contains list of only the domain names.

BOOT file is in MS DNS format. spywaredomains.zones file is in BIND format.

Also Available in AdBlock, ISA, and MaraDNS formats.

A trusted source on the WOT-the Web of Trust . Used by SURBL, MOREnet, SANs, and others…

xylibox.blogspot.com

blackholeexploitkit, fraud, rogue, domains

Posted on September 4th, 2011 in fraud,New Domains,Phishing,rogue antivirus,Spyeye by dglosser

Added over 340 domains associated with fraud, blackhole exploit kit, phishing, rogue antivirus, etc. Sources include malwareurl.com, www.spamhaus.org, malwaredomainlist.com

(Every source is  listed in the domains.txt file)…

Reminder:  The zone and text files are ONLY be available from a mirror and are not available from  the main site!!

Please help to keep this site free and donate whatever you can:  All donations go to hosting and infrastructure costs.

These malware block lists provided here are for free for noncommercial use as part of the fight against malware.   Any use of this list commercially is strictly prohibited without prior approval.

Yearly sponsorships are available. Full acknowledgment, an icon, and link back to your site will be placed in the left sidebar.

Domains.txt file is the complete list along with original reference.
Justdomains contains list of only the domain names.

BOOT file is in MS DNS format. spywaredomains.zones file is in BIND format.

Also Available in AdBlock, ISA, and MaraDNS formats.

A trusted source on the WOT-the Web of Trust . Used by SURBL, MOREnet, SANs, and others…