Feed

Weekly List Update

Posted on September 22nd, 2017 in New Domains,Removed Domains by Adam Shinn

Starting today, Malware Domains will post a weekly blog detailing changes made to the list. We will also tweet these stats as well. Follow us @malwaredomains on Twitter here: https://twitter.com/malwaredomains

Our current list is at 29404 entries. This week 4975 domains were removed from our list and 1887 were added.

If a domain on our list has been secured, please email us at mal4wared7omains@3riskanalytics.com (remove all numbers) to request removal.

Thank you for using Malware Domains.

List Cleanup & The Coming Weeks

Posted on September 18th, 2017 in New Domains,Removed Domains by Adam Shinn

This past Friday, September 15th, we removed 2500+ entries from the Malware Domains list. Over the next few weeks, we will continue to manually re-validate and remove benign entries from this list. A weekly blog post will be posted regarding the list changes that occur.

We are also working to automate the removal process for false positives and domains that are no longer compromised. This will cause our list to change drastically, however the data will be much more up to date. More details will be posted as we grow closer to implementing this automation.

If you find a malicious or compromised domain, please submit it to us at “mal2war4edomain2s@gmail.com” (remove all numbers).

Thank you for using Malware Domains.

False positive on login.yahoo.com

Posted on June 21st, 2017 in New Domains by ndunker

On June 19th, a well-known anti-phishing partner listed a URL which was legitimately part of Yahoo, in error. We promptly removed the listing from our own database as soon as we noticed it. We have several automated processes that should have stopped this from happening at all. We’ve updated those processes and are currently reviewing them for further improvements to reduce the likelihood of major false positives of this nature.

Third parties that aggregate and report on our feeds should have already cleared the Yahoo URL, though certain website privacy plugins appear to be using third-party data that hasn’t updated yet. We remain committed to providing a high-integrity data feed, and apologize for any inconvenience caused.

List update/fixing inconsistencies

Posted on March 2nd, 2017 in New Domains,Removed Domains by Adam Shinn

We were notified that our justdomains and domains.txt files had some inconsistencies with the domains listed. These domains were either old entires that needed removed or had been removed from one list and not the other. Big thanks to Mike Lee for pointing this out to us.

Our current list is at 19,207 malicious domains. We have seen an increase in user submitted domains over the past month. Thanks to those who have submitted their findings.

Current List & Mirror Status

Posted on February 6th, 2017 in mirror,New Domains,Removed Domains by Adam Shinn

Our list is currently at 17,534 malicious domains. Thanks to everyone who has submitted domains to our list. If your domain is no longer malicious, please contact us at malwar1edomain3s@gm2ail.c9om for removal (remove all numbers).

Mirror 1 is fully operational again. Big thanks to all of our supporters who are hosting our list!

Thank you for using Malware Domains.

Trouble with one of our mirrors

Posted on January 9th, 2017 in New Domains by ndunker

mirror1.malwaredomains.com has been unstable over the weekend. GT500.org staff is working to migrate the site (including the mirrors graciously provided for the security community) to a new server. If you’re having trouble fetching BHDNS files, please try another mirror.

List Update, 1000+ Ransomware Domains Added In Past Month

Posted on December 21st, 2016 in New Domains,Removed Domains by Adam Shinn

Over the past month we have added 2934 domains to our list and removed 3898. 1140 of these domains contain Locky ransomware payloads. Many of these domains are compromised sites hosting the payloads unwittingly. If you are the webmaster of one of these sites, please remove the malicious content and send us an email so we can remove the domain from our list.

Also, if you find a malicious domain, please send it to malwa5redo4mains@g8mail.c9om (remove all numbers).

Thank you for using Malware Domains.

Added Ransomware Domains

Posted on November 22nd, 2016 in New Domains by Adam Shinn

We added over 100 domains to the list seen distributing ransomware. Please update to the latest list via one of our mirrors. We have also seen an increase in domains submitted by the community. Thanks to everyone who has sent in their findings.

Malware Domains

Another List Update

Posted on November 8th, 2016 in New Domains,ransomware,Removed Domains by Adam Shinn

Since our last update, we have added 3764 domains to the list and removed 6788. Locky ransomware campaigns ebbed and flowed over the past month. Newer variants of this ransomware have changed file extensions used for encrypted files.

Thanks to the community for submitting domains and helping keep the list clean.

Thank you for using Malware Domains.

List Updated

Posted on October 11th, 2016 in New Domains,Removed Domains by Adam Shinn

Since last month’s update, we have added 2085 domains to the list. We have also removed 8428 domains from the list. Many of the domains that have been added are a part of ransomware campaigns. If you find a malicious domain, please submit it to us and we will add it to the list.

Thank you for using Malware Domains.