Feed

False positive on login.yahoo.com

Posted on June 21st, 2017 in New Domains by ndunker

On June 19th, a well-known anti-phishing partner listed a URL which was legitimately part of Yahoo, in error. We promptly removed the listing from our own database as soon as we noticed it. We have several automated processes that should have stopped this from happening at all. We’ve updated those processes and are currently reviewing them for further improvements to reduce the likelihood of major false positives of this nature.

Third parties that aggregate and report on our feeds should have already cleared the Yahoo URL, though certain website privacy plugins appear to be using third-party data that hasn’t updated yet. We remain committed to providing a high-integrity data feed, and apologize for any inconvenience caused.

List update/fixing inconsistencies

Posted on March 2nd, 2017 in New Domains,Removed Domains by Adam Shinn

We were notified that our justdomains and domains.txt files had some inconsistencies with the domains listed. These domains were either old entires that needed removed or had been removed from one list and not the other. Big thanks to Mike Lee for pointing this out to us.

Our current list is at 19,207 malicious domains. We have seen an increase in user submitted domains over the past month. Thanks to those who have submitted their findings.

Current List & Mirror Status

Posted on February 6th, 2017 in mirror,New Domains,Removed Domains by Adam Shinn

Our list is currently at 17,534 malicious domains. Thanks to everyone who has submitted domains to our list. If your domain is no longer malicious, please contact us at malwar1edomain3s@gm2ail.c9om for removal (remove all numbers).

Mirror 1 is fully operational again. Big thanks to all of our supporters who are hosting our list!

Thank you for using Malware Domains.

Trouble with one of our mirrors

Posted on January 9th, 2017 in New Domains by ndunker

mirror1.malwaredomains.com has been unstable over the weekend. GT500.org staff is working to migrate the site (including the mirrors graciously provided for the security community) to a new server. If you’re having trouble fetching BHDNS files, please try another mirror.

List Update, 1000+ Ransomware Domains Added In Past Month

Posted on December 21st, 2016 in New Domains,Removed Domains by Adam Shinn

Over the past month we have added 2934 domains to our list and removed 3898. 1140 of these domains contain Locky ransomware payloads. Many of these domains are compromised sites hosting the payloads unwittingly. If you are the webmaster of one of these sites, please remove the malicious content and send us an email so we can remove the domain from our list.

Also, if you find a malicious domain, please send it to malwa5redo4mains@g8mail.c9om (remove all numbers).

Thank you for using Malware Domains.

Added Ransomware Domains

Posted on November 22nd, 2016 in New Domains by Adam Shinn

We added over 100 domains to the list seen distributing ransomware. Please update to the latest list via one of our mirrors. We have also seen an increase in domains submitted by the community. Thanks to everyone who has sent in their findings.

Malware Domains

Another List Update

Posted on November 8th, 2016 in New Domains,ransomware,Removed Domains by Adam Shinn

Since our last update, we have added 3764 domains to the list and removed 6788. Locky ransomware campaigns ebbed and flowed over the past month. Newer variants of this ransomware have changed file extensions used for encrypted files.

Thanks to the community for submitting domains and helping keep the list clean.

Thank you for using Malware Domains.

List Updated

Posted on October 11th, 2016 in New Domains,Removed Domains by Adam Shinn

Since last month’s update, we have added 2085 domains to the list. We have also removed 8428 domains from the list. Many of the domains that have been added are a part of ransomware campaigns. If you find a malicious domain, please submit it to us and we will add it to the list.

Thank you for using Malware Domains.

List Update

Posted on September 14th, 2016 in New Domains,Removed Domains by dglosser

Since our stats update from last month, we have added 3711 domains to the list and removed 8104. More Locky and Cerber ransomware has surfaced over the past few days. We will add these domains to our list as we find them and as they are submitted to us. If you have a domain to submit, email us at malwar4edom9ains@gm7ail.com (remove all numbers) with evidence of malicious activity found.

Malware Domains

More Ransomware Domains Added

Posted on September 8th, 2016 in New Domains,ransomware by Adam Shinn

We’ve added another batch of locky ransomware downloaders to the list. Please update to the latest list from one of our mirrors. Many thanks to the community for all the hard work.

Malware Domains