Feed

Huge Update… over 200 malspam & iframe domains

Posted on September 21st, 2013 in iframes,malspam,New Domains by dglosser

Added 240 malicious (malspame, iframe) domains from ddanchev.blogspot.com, blog.dynamoo.com, and other sources.  Please update your blocklists and follow our terms of use.

bhek, dnsamplification, sutratds, trojan domains

Posted on August 5th, 2013 in BH Exploit Kit,exploit,iframes,New Domains,Phishing,Trojans by dglosser

A small but important update of domains associated with DNS Amplification, SutraTDS, BHEK, phishing domains and other badness.  Sources: blog.dynamoo.com, dnsamplificationattacks.blogspot.com, safeweb.norton.com, www.mwis.ru, etc. (all sources are listed in our domains.txt file.)

* Please help to keep this site free and donate whatever you can: All donations go to hosting and infrastructure costs.
* twitter page: https://twitter.com/malwaredomains
* These malware block lists provided here are for free for noncommercial use as part of the fight against malware. Any use of this list commercially is strictly prohibited without prior approval.
* Please use the “datestamp” and “timestamp” file to determine if the list has been updated and ONLY pull the files you need – abusers will be banned! Use wget -N”!
* Yearly sponsorships are available. Full acknowledgment, an icon, and link back to your site will be placed in the left sidebar.
* Domains.txt file is the complete list along with original reference. Justdomains contains list of only the domain names. BOOT file is in MS DNS format. Malwaredomains.zones file is in BIND format. Also Available in AdBlock, ISA, and MaraDNS formats. A trusted source on the WOT-the Web of Trust . Used by SURBL, MOREnet, SANs, and others…
We also have a mirror dedicated to research and Open Source Projects – please contact us for details.

Big Update: 280 domains

Posted on July 31st, 2013 in iframes,malspam,malvertising,New Domains by dglosser

Added 280 domains (iframes, malspam, multibanker, Ramnit, redkit etc from blog.dynamoo.com, malc0de.com, urlquery.net, virustracker.info ((all sources are listed in our domains.txt file.)

* Please help to keep this site free and donate whatever you can: All donations go to hosting and infrastructure costs.
* twitter page: https://twitter.com/malwaredomains
* These malware block lists provided here are for free for noncommercial use as part of the fight against malware. Any use of this list commercially is strictly prohibited without prior approval.
* Please use the “datestamp” and “timestamp” file to determine if the list has been updated and ONLY pull the files you need – abusers will be banned! Use wget -N”!
* Yearly sponsorships are available. Full acknowledgment, an icon, and link back to your site will be placed in the left sidebar.
* Domains.txt file is the complete list along with original reference. Justdomains contains list of only the domain names. BOOT file is in MS DNS format. Malwaredomains.zones file is in BIND format. Also Available in AdBlock, ISA, and MaraDNS formats. A trusted source on the WOT-the Web of Trust . Used by SURBL, MOREnet, SANs, and others…
We also have a mirror dedicated to research and Open Source Projects – please contact us for details.

Betabot, Citadel, RedKit, TDS Domains…

Posted on July 7th, 2013 in iframes,malspam,malvertising,New Domains,Trojans by dglosser

Added domains associated with Betabot, Citadel, SutraTDS, RedKit,  iframes. Sources include malwareurls.joxeankoret.com, malc0de.com, vxvault.siri-urz.net, www.exposedbotnets.com (all sources are listed in our domains.txt file.)

* Please help to keep this site free and donate whatever you can: All donations go to hosting and infrastructure costs.
* twitter page: https://twitter.com/malwaredomains
* These malware block lists provided here are for free for noncommercial use as part of the fight against malware. Any use of this list commercially is strictly prohibited without prior approval.
* Please use the “datestamp” and “timestamp” file to determine if the list has been updated and ONLY pull the files you need – abusers will be banned! Use wget -N”!
* Yearly sponsorships are available. Full acknowledgment, an icon, and link back to your site will be placed in the left sidebar.
* Domains.txt file is the complete list along with original reference. Justdomains contains list of only the domain names. BOOT file is in MS DNS format. Malwaredomains.zones file is in BIND format. Also Available in AdBlock, ISA, and MaraDNS formats. A trusted source on the WOT-the Web of Trust . Used by SURBL, MOREnet, SANs, and others…
We also have a mirror dedicated to research and Open Source Projects – please contact us for details.

iframes, malicious javascript, malvertising, redirects

Posted on July 2nd, 2013 in iframes,malspam,malvertising,New Domains by dglosser

Added 137 malicious domains (iframes, malicious js, malvertising, malspam, etc) from labs.sucuri.net, blog.dynamoo.com, safebrowsing.clients.google.com and others. Please update your blocklists and follow our terms of use

citadel, zeus, styx, iframe domains

Posted on June 26th, 2013 in iframes,New Domains,zeus by dglosser

Huge update of 282 domains associated with Zeus, Citadel, Styx, malicious redirections, iframes, and other badness you don’t want on your network or home computer. Sources: labs.sucuri.net, siteinspector.comodo.com, www.malwaregroup.com, zeustracker.abuse.ch (all sources are listed in our domains.txt file.)

* Please help to keep this site free and donate whatever you can: All donations go to hosting and infrastructure costs.
* twitter page: https://twitter.com/malwaredomains
* These malware block lists provided here are for free for noncommercial use as part of the fight against malware. Any use of this list commercially is strictly prohibited without prior approval.
* Please use the “datestamp” and “timestamp” file to determine if the list has been updated and ONLY pull the files you need – abusers will be banned! Use wget -N”!
* Yearly sponsorships are available. Full acknowledgment, an icon, and link back to your site will be placed in the left sidebar.
* Domains.txt file is the complete list along with original reference. Justdomains contains list of only the domain names. BOOT file is in MS DNS format. Malwaredomains.zones file is in BIND format. Also Available in AdBlock, ISA, and MaraDNS formats. A trusted source on the WOT-the Web of Trust . Used by SURBL, MOREnet, SANs, and others…
We also have a mirror dedicated to research and Open Source Projects – please contact us for details.

BHEKv2, Neutrino, keyboy malvertising domains…

Posted on June 11th, 2013 in BH Exploit Kit,iframes,malspam,malvertising,New Domains,Trojans by dglosser

Added 107 new domains from a variety of sources… BHEKv2, malspam, keyboy, Neutrino, malicious banner ads, android trojan domains, and all sorts of badness originally cited at blog.dynamoo.com, community.rapid7.com, urlquery.net, www.emergingthreats.net and others (all sources are listed in our domains.txt file.)

* Please help to keep this site free and donate whatever you can: All donations go to hosting and infrastructure costs.
* twitter page: https://twitter.com/malwaredomains
* These malware block lists provided here are for free for noncommercial use as part of the fight against malware. Any use of this list commercially is strictly prohibited without prior approval.
* Please use the “datestamp” and “timestamp” file to determine if the list has been updated and ONLY pull the files you need – abusers will be banned! Use wget -N”!
* Yearly sponsorships are available. Full acknowledgment, an icon, and link back to your site will be placed in the left sidebar.
* Domains.txt file is the complete list along with original reference. Justdomains contains list of only the domain names. BOOT file is in MS DNS format. Malwaredomains.zones file is in BIND format. Also Available in AdBlock, ISA, and MaraDNS formats. A trusted source on the WOT-the Web of Trust . Used by SURBL, MOREnet, SANs, and others…
We also have a mirror dedicated to research and Open Source Projects – please contact us for details.
NO ZONE FILES ARE LOCATED ON THIS SITE. Users and ip addresses which repeatedly attempt to download zone files directly from this site will be banned from all downloads

iframes, malvertising, medfos, net-traveler domains

Posted on June 7th, 2013 in iframes,malvertising,New Domains,Trojans,zeus by dglosser

Added domains associated with iframes, scrinject, zeus, malvertising, medfos, net-traveler. Sources include hosts-file.net, siteinspector.comodo.com, www.emergingthreats.net, www.scumware.org and several others (all sources are listed in our domains.txt file.) Please download only once a day and follow our terms of use.

redkit, iframe, citadel domains

Posted on June 4th, 2013 in iframes,New Domains,Trojans by dglosser

Added 80 domains (botnet, citadel, redkit, iframe…) from deependresearch.org, siteinspector.comodo.com,malwaremustdie.blogspot.com

(all sources are listed in our domains.txt file.)

* Please help to keep this site free and donate whatever you can: All donations go to hosting and infrastructure costs.
* twitter page: https://twitter.com/malwaredomains
* These malware block lists provided here are for free for noncommercial use as part of the fight against malware. Any use of this list commercially is strictly prohibited without prior approval.
* Please use the “datestamp” and “timestamp” file to determine if the list has been updated and ONLY pull the files you need – abusers will be banned! Use wget -N”!
* Yearly sponsorships are available. Full acknowledgment, an icon, and link back to your site will be placed in the left sidebar.
* Domains.txt file is the complete list along with original reference. Justdomains contains list of only the domain names. BOOT file is in MS DNS format. Malwaredomains.zones file is in BIND format. Also Available in AdBlock, ISA, and MaraDNS formats. A trusted source on the WOT-the Web of Trust . Used by SURBL, MOREnet, SANs, and others…
We also have a mirror dedicated to research and Open Source Projects – please contact us for details.
NO ZONE FILES ARE LOCATED ON THIS SITE. Users and ip addresses which repeatedly attempt to download zone files directly from this site will be banned from all downloads

5/27 Update – 334 domains

Posted on May 27th, 2013 in iframes,malspam,malvertising,New Domains,rogue antivirus by dglosser

Better late than never – added 334 domains on 5/27.  Fake Flash Player, Rogue, iframes,  malspam, c2 etc from siteinspector.comodo.com, threattrack.tumblr.com, urlquery.net and others  (all sources are listed in our domains.txt file.)

* Please help to keep this site free and donate whatever you can: All donations go to hosting and infrastructure costs.
* twitter page: https://twitter.com/malwaredomains
* These malware block lists provided here are for free for noncommercial use as part of the fight against malware. Any use of this list commercially is strictly prohibited without prior approval.
* Please use the “datestamp” and “timestamp” file to determine if the list has been updated and ONLY pull the files you need – abusers will be banned! Use wget -N”!
* Yearly sponsorships are available. Full acknowledgment, an icon, and link back to your site will be placed in the left sidebar.
* Domains.txt file is the complete list along with original reference. Justdomains contains list of only the domain names. BOOT file is in MS DNS format. Malwaredomains.zones file is in BIND format. Also Available in AdBlock, ISA, and MaraDNS formats. A trusted source on the WOT-the Web of Trust . Used by SURBL, MOREnet, SANs, and others…
We also have a mirror dedicated to research and Open Source Projects – please contact us for details.
NO ZONE FILES ARE LOCATED ON THIS SITE. Users and ip addresses which repeatedly attempt to download zone files directly from this site will be banned from all downloads