Feed

117 New Domains (superfish and others)

Posted on February 27th, 2015 in New Domains by dglosser

Added 117 new domains (including a bunch of “superfish” domains).  Please update your blocklists and follow our terms of use.

necurs, h-worm, njrat domains

Posted on February 26th, 2015 in New Domains by dglosser

Added 140 necurs, h-worm, njrat, and other malicious domains (all domains and sources are listed in our domains.txt file.)

* Please help to keep this site free and donate whatever you can: All donations go to hosting and infrastructure costs
* twitter page: https://twitter.com/malwaredomains

* These malware block lists provided here are for free for noncommercial use as part of the fight against malware. Any use of this list commercially is strictly prohibited without prior approval.
* Please use the “datestamp” and “timestamp” file to determine if the list has been updated and ONLY pull the files you need – abusers will be banned! Use wget -N”!
* Yearly sponsorships are available. Full acknowledgment, an icon, and link back to your site will be placed in the left sidebar.
* Domains.txt file is the complete list along with original reference. Justdomains contains list of only the domain names. BOOT file is in MS DNS format. Malwaredomains.zones file is in BIND format.
* We also have a mirror dedicated to research and Open Source Projects – please contact us for details.

nuclear ek, ramdo, sweet orange domains

Posted on February 25th, 2015 in New Domains by dglosser

Added 311 domains (nuclear ek, ramdo, sweet orange, fiesta_ek, cryptowall) from malware-traffic-analysis, securelist, emergingthreats and others (all domains and sources are listed in our domains.txt file.)

* Please help to keep this site free and donate whatever you can: All donations go to hosting and infrastructure costs
* twitter page: https://twitter.com/malwaredomains

* These malware block lists provided here are for free for noncommercial use as part of the fight against malware. Any use of this list commercially is strictly prohibited without prior approval.
* Please use the “datestamp” and “timestamp” file to determine if the list has been updated and ONLY pull the files you need – abusers will be banned! Use wget -N”!
* Yearly sponsorships are available. Full acknowledgment, an icon, and link back to your site will be placed in the left sidebar.
* Domains.txt file is the complete list along with original reference. Justdomains contains list of only the domain names. BOOT file is in MS DNS format. Malwaredomains.zones file is in BIND format.
* We also have a mirror dedicated to research and Open Source Projects – please contact us for details.

260 malspam domains

Posted on February 19th, 2015 in New Domains by dglosser

Added 260 malicious spam (malspam) and some plain spam domains. Sources: spamhaus.org, mayhemiclabs.com, blog.dynamoo.com (all domains and sources are listed in our domains.txt file.)

* Please help to keep this site free and donate whatever you can: All donations go to hosting and infrastructure costs
* twitter page: https://twitter.com/malwaredomains

* These malware block lists provided here are for free for noncommercial use as part of the fight against malware. Any use of this list commercially is strictly prohibited without prior approval.
* Please use the “datestamp” and “timestamp” file to determine if the list has been updated and ONLY pull the files you need – abusers will be banned! Use wget -N”!
* Yearly sponsorships are available. Full acknowledgment, an icon, and link back to your site will be placed in the left sidebar.
* Domains.txt file is the complete list along with original reference. Justdomains contains list of only the domain names. BOOT file is in MS DNS format. Malwaredomains.zones file is in BIND format.
* We also have a mirror dedicated to research and Open Source Projects – please contact us for details.

malspam, dga, phishing domains

Posted on February 16th, 2015 in New Domains by dglosser

We’ve added a few hundred domains between 2/8  & 2/15 from  dynamoo, mwsl, safebrowsing, openphish.com, zscaler and others. Please update your blocklists and follow our terms of use

 

Recent Updates

Posted on February 7th, 2015 in New Domains by dglosser

2/1 – 799 domains
2/3 – 221 domains
2/6 – 56 domains
Please update your blocklists and follow our terms of use.

364,000 NewGOZ DGA Domains

Posted on January 31st, 2015 in New Domains by dglosser

I took the code from www.johannesbader.ch and ran it for all of 2015. The results are here, the code we used is here.

Please let me know if you find this useful, email me at mal1waredomains2@gmail3.com (remove all numbers).

 

99 new domains (symmi, google safebrowsing)

Posted on January 28th, 2015 in New Domains by dglosser

Added 99 new domains (symmi, google safebrowsing) from www.google.com/safebrowsing and www.johannesbader.ch. Please update your blocklists and follow our terms of use.

shiotob, scieron, tinba domains

Posted on January 26th, 2015 in New Domains by dglosser

Added about 300 domains on 1/24 and 1/25 (shiotob, scieron, tinba and other malicious domains) from johannesbader.ch, google safebrowsing, emergingthreats.net, virustotal and others (all domains and sources are listed in our domains.txt file.)

* Please help to keep this site free and donate whatever you can: All donations go to hosting and infrastructure costs
* twitter page: https://twitter.com/malwaredomains

* These malware block lists provided here are for free for noncommercial use as part of the fight against malware. Any use of this list commercially is strictly prohibited without prior approval.
* Please use the “datestamp” and “timestamp” file to determine if the list has been updated and ONLY pull the files you need – abusers will be banned! Use wget -N”!
* Yearly sponsorships are available. Full acknowledgment, an icon, and link back to your site will be placed in the left sidebar.
* Domains.txt file is the complete list along with original reference. Justdomains contains list of only the domain names. BOOT file is in MS DNS format. Malwaredomains.zones file is in BIND format.
* We also have a mirror dedicated to research and Open Source Projects – please contact us for details.

229 New Domains

Posted on January 23rd, 2015 in New Domains by dglosser

Added 229 new domains (iframes, forum spam, attack pages) from google safebrowsing, malc0de, and sucuri.

(all domains and sources are listed in our domains.txt file.)

* Please help to keep this site free and donate whatever you can: All donations go to hosting and infrastructure costs
* twitter page: https://twitter.com/malwaredomains

* These malware block lists provided here are for free for noncommercial use as part of the fight against malware. Any use of this list commercially is strictly prohibited without prior approval.
* Please use the “datestamp” and “timestamp” file to determine if the list has been updated and ONLY pull the files you need – abusers will be banned! Use wget -N”!
* Yearly sponsorships are available. Full acknowledgment, an icon, and link back to your site will be placed in the left sidebar.
* Domains.txt file is the complete list along with original reference. Justdomains contains list of only the domain names. BOOT file is in MS DNS format. Malwaredomains.zones file is in BIND format.
* We also have a mirror dedicated to research and Open Source Projects – please contact us for details.