Feed

Site Delisting: xs4all.nl

Posted on February 28th, 2011 in Removed Domains by dglosser

xs4all.nl has been delisted and will be removed on the next update

Pheonix, Palevo, Neosploit, Money Mule, Rogue Domains

Posted on February 25th, 2011 in exploit,MoneyMule,New Domains,rogue antivirus,Trojans by dglosser

Pheonix, Palevo, Neosploit, Money Mule, Rogue Domains… Sources include support.clean-mx.de, securehomenetworks.blogspot.com, honeywhales.com (Every source is always listed in the domains.txt file):

1mdaily .co .cc aimic-groupllc .asia
2gov .co .cc aimic-groupllc .at
757qwerty .ru aimicgroup-main .asia
7opchat .info antivirusmax .com
aboutavsoft .com aramategroup-first .cc
ad .laoqn .com aramategroup-int .net
artsolve-ltd .at artsolveltdco .at
artsolveltd .cc astech-groupde .cc
azst .net atlant-groupinc .cc
beazeswyn .cz .cc atlant-usainc .net
beazius .cz .cc bredgarcorp-ant .be
bestvideoh .info computeraskmore .info
bleedorr .cz .cc creatence-groupllc .asia
boongosum .com creatence-groupllc .at
chakra .org creatence-groupllc .cc
comaskmore .info creditaskmore .info
convertgame .com creditlover .info
cooljavva .info dads-girls-hall .com
dadsgirls .net designvalentin .info
dagdanis .vv .cc devasteam-ant .ws
delzzerro .cn devonholidaylet .co .uk
dogo-group .cc dofubuhud57 .co .cc
dogo-group .net download-heaven .info
dotjavva .info drysdale-antcorp .at
dotoral .info drysdale-antcorp .biz
estermihen .com drysdale-group-inc .cc
evrensohbet .net elcometotheglobalisnet .com
findoral .info first-guardul .cz .cc
fintec-ukltd .ws first-security-checker .com
flyjavva .info g23h2hfsdjh .co .cc
freehotgay .com g32gshshfh .co .cc
frestilero .com gameaskmore .info
fulhortion .com gavinrazar .cz .cc
goznak .cc generation-groupltd .cc
gronderol .com generationgroup-ltd .net
gsdgsdhsh .vv .cc gogo-group-inc .cc
gteyuim6 .com gogo-teamant .com
haramadbum .com hdsh4hsfhdsj .vv .cc
iloveusa .co .cc he4hshxjhfdjh .co .cc
imennoser .com hermosayasociados .com
javvacash .info homeaskmore .info
jusretung .org i-compass-group .at
kulawield .vv .cc incredible-protectionro .rr .nu
kupitraff .com indexstatyahoo .com
limperniod .com javvadesign .info
listoral .info lilac-groupllc .cc
livejavva .info lookfeel-201101 .co .cc
lmagehost .com maxtrampo .correio .biz
lustzucker .de millennial-artco .biz
medpcela .org millennial-maingrop .net
moijs .com mimosa-groupus .cc
nacolazes .com mimosa-incgroup .com
nadnadzz2 .info ndfn34nfdn .co .cc
net-jacob .cz .cc netprotectionsoftre .com
optiopum .org nimrodltd-uk .net
ottormans .com oliver-antcorp .net
pcantiv .com paultonsgroup-ltd .info
pointlove .info platinumcode .net
popander .com pokervalentin .info
popunder .biz pse1jo2po3 .info
rapedbitch .ru renaissance-llc .cc
ratnadewi .biz renaissancellc .be
raufkhalid .com royalthelmas-teamant .asia
referrall .biz securitysite .mobi
rokmanser .org server1 .unibaaaq .com
secursincro .tk servicios-fisicos3 .info
sexasite .info simpleclean-foru .net
taklonaft .com smart-security-holder .in
tecboom .com socbestclan .3dn .ru
tirgra .org stile-groupllc .net
toikgame .com stilegroup-llc .ws
tradelove .info stroumarcet .com
umpertvilm .com suksesdantrik .co .cc
undowerto .org takoseksi .cultarts .com
untimbags .com tes .stuckin .org
vipprojects .cn top-network-guard .in
vltebtzc .co .cc top-only-scanner .uni .cc
wertulaso .org topsuitesentinel .rr .nu
xcounter .ru tradejavva .info
xs4all .nl valentinhouse .info
yonfolind .com valentinlive .info
zalil .ru valentinsite .info
zdbdbd .co .cc vansforsaleinessex .co .uk
zervman .com visionlove .info
zumugolter .com web-statistics-css .ru
zverstoft .com

This malware block lists provided here are for free for noncommercial use as part of the fight against malware. Any use of this list commercially is strictly prohibited without prior approval.

Please help to keep this site free and donate whatever you can. All donations go to hosting and infrastructure costs.

Also, yearly sponsorships are available. Full acknowledgment, an icon, and link back to your site will be placed in the left sidebar.

Domains.txt file is the complete list along with original reference.
Justdomains contains list of only the domain names.

Please download files from mirror if possible: http://mirror1.malwaredomains.com/files/

BOOT file is in MS DNS format. spywaredomains.zones file is in BIND format.

Also Available in AdBlock, ISA, and MaraDNS formats.

A trusted source on the WOT-the Web of Trust . Used by SURBL, MOREnet, SANs, and others…

Malwaredomains update directory and files

Posted on February 23rd, 2011 in Domain News by dglosser

With every update, we’ve been publishing both the full list as well as just the updates in separate files.

Do you find the files only containing the updates useful or is the full list enough?  We’d rather save electrons and additional work if there isn’t enough interest.

Please let us know. Thanks

iframes, artro c&c domains, scareware domains

Posted on February 20th, 2011 in iframes,New Domains,rogue antivirus,Trojans,zeus,zlob by dglosser

This update includes zeus, tdss rootlkit, scareware,  and other harmful, malicious sites and domains. Sources include ddanchev.blogspot.com, safebrowsing.google.com, www.sacour.cn and many others (Every source is always listed in the domains.txt file):

9365 .org gdezdeskto .co .cc
1f0fy .com hdfg43hshf .co .cc
8op .cz .cc hh3hfdnfdh .co .cc
elycam .cl hu587tiugi .vv .cc
martuz .cn nemohuildifsd .ru
ntcub .com oajhqooooeqea .in
web7t .com shgeru43hj .co .cc
360doc .com space-tome .co .cc
4www .cz .cc sparebankno1 .com
chango .com teamauctions .com
globe7 .com crj711ki813ck .com
moa3 .co .cc europalebasket .fr
turksex .co f23f21fafae .vv .cc
1porn .co .tv foxypredators .com
bluedisk .ru gdsg342gsgs .vv .cc
dddddd .info gsdg24gshgr .vv .cc
fotopush .ru gsdg43hsweh .co .cc
grb1505 .com gsg3gsdgseg .co .cc
m2121212 .cn gshg3ghsdhs .co .cc
myzoomia .in hdh45hdxfhf .co .cc
redsa .co .cc hfehe3hdfhf .co .cc
weniz .co .kr hugemoviecams .com
a1celebs .com klikspaandelft .nl
findwild .org lkckclcklii1i .com
fmx930 .co .cc parislemarais .com
hushstar .net pornhugevideo .com
madcrack .org releaseplugins .in
oneyaho .info shalillador .cz .cc
prontv .co .cc supermovieshow .in
snarework .us 212156dnfgdn .co .cc
tableplus .in automaticyaran .com
abcd1123 .info bdfnfebne3nf .vv .cc
animacord .com cleanalertcomp .com
chatpoetry .in cy71mavertoo .co .cc
gigasexc .info gsegf3gstg3g .vv .cc
gnu4oke0r .com gsgwegweg23g .vv .cc
snaretrace .us hdfh34hdrfhf .co .cc
tradejas .info ht4hdfgjcjgt .vv .cc
utrade-fx .com interscienceset .in
andradekor .com oijqujnnnsu1 .co .cc
asertinvoi .com premiumutilites .in
bfbf3bfb .vv .cc resortsinitaly .com
cebandis .cz .cc solutionslove .info
cworldxxx .info tubemovievideo .com
drelagda .vv .cc wefge3g1tg1g .vv .cc
enjoy-find .com hyperass-save .rr .nu
firtenbild .com pcwardingsystem .com
gfsdg4gs .co .cc rancholacienega .com
graninis .cz .cc video .blaskel .cz .cc
gworldxxx .info afroprivacyflash .com
hmbcompn12 .com burnley .web-fans .com
hugebigred .com hardnetwork-guard .in
hworldxxx .info hndfdfnfdnxdnf .vv .cc
inmediateam .in hugebigpornmovie .com
malakelv .cz .cc pctroublessolver .com
maridora .vv .cc antivirusesshield .com
micr0abuse .com hdhfdhdfhdfhdfh .vv .cc
natnatraoi .com hiringdivisionjob .com
nvmtymvm .vv .cc 031aec9 .netsolhost .com
oghmalak .vv .cc dvdtubeclipsjbsw .co .cc
pixellove .info monasteriodeboltana .es
prime-load .org pcactivitydebugger .com
topmoviewww .in pccustodianutility .com
tuberedsex .com update-win-soft .ipq .co
videoplugs .net gayeqylipija .linkpc .net
vivaxmotos .com lasicytylyne .linkpc .net
vrazdanuzda .dk pcinspectionutility .com
ajicajcadve .com pcprecautionscenter .com
ajimuqmadve .com pcprotectionservant .com
anti-vir-mc .com yeryeshsdhdhjfdhj .vv .cc
chicagotable .in digitalvideodirectory .in
fdf2fafaf .vv .cc pcstabilitymaximizer .com
gaboyaogytn .com systemtasksoptimizer .com
gewheheh4 .co .cc taskstweakingutility .com
gsgsv2vds .vv .cc facebook-surprise-ness .tk
ifilmmanager .in pcefficiencyreservoir .com
jbcavlajytn .com iecigoqojafuq .publicvm .com
menelibigos .com systemattentionutility .com
morlunaya .vv .cc systemshieldingutility .com
pokeryahoo .info opalicki9hpcarole .narod2 .ru
qbcavlaqdve .com systemsupervisioncenter .com
ristaemanue .com favorit-protectionavwo .rr .nu
sgtbcollege .org pcriskspreventionscenter .com
states-me .co .cc rnyhrdqcokuvjiqw25nwdlif .com
vsegwgewg .vv .cc systemanticrashesutility .com
wancheng .gov .cn accidentspreventingcenter .com
32fdsg3gsg .vv .cc pcautomaticproblemssolver .com
androlhala .cz .cc systemwrecksavertingsystem .com
bigvideocams .com gite-maison-pyrenees-luchon .com
centrihelm .cz .cc bacalhaubr .dominiotemporario .com

This malware block lists provided here are for free for noncommercial use as part of the fight against malware. Any use of this list commercially is strictly prohibited without prior approval.

Please help to keep this site free and donate whatever you can. All donations go to hosting and infrastructure costs.

Also, yearly sponsorships are available. Full acknowledgment, an icon, and link back to your site will be placed in the left sidebar.

Domains.txt file is the complete list along with original reference.
Justdomains contains list of only the domain names.

Please download files from mirror if possible: http://mirror1.malwaredomains.com/files/

BOOT file is in MS DNS format. spywaredomains.zones file is in BIND format.

Also Available in AdBlock, ISA, and MaraDNS formats.

A trusted source on the WOT-the Web of Trust . Used by SURBL, MOREnet, SANs, and others…

Donation Request for SSL Cert

Posted on February 18th, 2011 in Donate by dglosser

We’ve received several requests to add an SSL cert to our downloads.     As it is, we do not receive nearly enough donations to offset the hosting and infrastructure costs. If you find this site useful, please consider donating so we can add an SSL cert as well as additional functionality. Thanks.

184 New Malicious, Harmful Domains

Posted on February 18th, 2011 in New Domains,Removed Domains,rogue antivirus,Spyeye,Trojans,zeus by dglosser

Delistings: mirrorservice.org, goo.gl, alice.it

Additions: 184 domains associated with zeus, trojans, spyeye, rogue antimalware, etc. Sources include blog.dynamoo.com, labs.snort.org, securehomenetworks.blogspot.com, safebrowsing.google.com (Every source is always listed in the domains.txt file):

18dd .net 98ghwe5p98gh .net
21civ .com agasi-story .info
52rjwg .com berrianguz .com
5ga .info cheburash .ind .in
81813 .com company777 .com
8fd30g .net dangerboom .com
95622 .com dangerboom .net
96pk .com dangerthree .com
ag008 .com differentdata-one .com
axa3 .cn drghwaweg45j4i6u3q32fg2h .com
bd-flats .ru drollkenga .com
belikoff .info drollpinguins .com
benelulz .com drollumbat .com
bgnt .net drollzebra .com
bobtube .info dualicons .co .cc
bog77 .com easyiptracker .info
da0s .info excellentcat .com
dangertwo .com external-top-domains .ru
dangertwo .net fihomuny .co .cc
dor77 .com firastbill .com
drollcats .com funnybarsshow .com
dsd333 .cn funnybearsshow .com
dsms .in funnymarmotshow .com
ejewels .ca funnypinguinshow .com
em-stat .com general-st .info
fps101 .com .ua glhkghjfhhfklffr .com
fuckzebra .com going-wide .net
funglobal .net golovanerabotaet .com
gentix77 .net goodpetrovich .com
getacc .net googletrackgeo .com
getacc2 .com gotcrysaved .in
girtac .ru gotdaesaved .in
glomports .com handbag-review-2010 .com
gol77 .com hollybible .com
googlerr .com images .stmaiget .com
groupmind .in ipcounter .info
gsa8f3 .net iu7nq6br5w .com
gtrafx .com jiuyaoyouxi .com
gwk5ghwo .net lightporntube .com
halyot .net microsoftwindowssecurity184 .com
havephun .org microsoftwindowssecurity185 .com
hotupdate .ru microsoftwindowssecurity199 .com
hscr .info microsoftwindowssecurity200 .com
imageshak .biz mizanticonif .com
irompas .com mollotojub .com
ishnkus .cz .cc molotorasolutions .com
jok7 .com mostporntube .com
lee2ip .com new-looking .net
leemka .com newprojectbrain .com
lotos2 .com online-network-solution .com
mhhsrn .com optimumconsult .net
mirotag .com paroquiasaojoaobatistavicosa .com
molotora .com patriots4ai .com
my-loads .com personal-networkholder45tt .in
my-loads2 .net protect-pc-2011 .co .cc
mysnom .net protection-pc .org
myvafpt .com rerererererere .com
newsdfg .com rogervideos .net
np-comp .com sailingaccommodations .com
npcn .or .kr secure-difitizer .net
nshmz .com sidepotsecured .com
opakisa .info statsnets .com
picheta .net storage-reportcenter678 .net
pinout .in storageistorg-basdan678 .com
popatube .info swindling .info
pornera .info system-of-scan .info
pornero .info termogaz .info
pornerot .info thebest-suite-master .rr .nu
pornikxx .info tianxiaba .net
pornoera .info tickhillroofing .com
pornoero .info tirexhost .com
pornsait .info todayonmytv .com
razumtds .ws traff-shop .net
repoiury .com truegeneralporn .com
rezip .ru tubedownloader .com
rmkstore .us turbostat .org
romanchuk .net upalumpas .com
santa77 .com updatewincenter .com
seololo .com uzimtasnikas .com
sipyjo .cn viatibworkfus .cz .cc
slowpoke .in vikanzubik .com
soxabi .info vizanie3d .com
stxstats .com voldcafuri .cz .cc
top-ups .net volgansuk .com
toplesson .in vrbrothers .com
vecite .info worddreamelpa .cz .cc
vimizont .com worldstatsgate .com
vvvvc .co .cc xp-scaner .com
xp-scan .com xppclapgirl .com
yjolase .net youxibao .info
zaparena .biz zaebalihostingi .com
zxstats .com zaebalikakdolgopizdec .com

This malware block lists provided here are for free for noncommercial use as part of the fight against malware. Any use of this list commercially is strictly prohibited without prior approval.


Please help to keep this site free and donate whatever you can. All donations go to hosting and infrastructure costs.

Also, yearly sponsorships are available. Full acknowledgment, an icon, and link back to your site will be placed in the left sidebar.

Domains.txt file is the complete list along with original reference.
Justdomains contains list of only the domain names.

Please download files from mirror if possible: http://mirror1.malwaredomains.com/files/

BOOT file is in MS DNS format. spywaredomains.zones file is in BIND format.

Also Available in AdBlock, ISA, and MaraDNS formats.

A trusted source on the WOT-the Web of Trust . Used by SURBL, MOREnet, SANs, and others…

Blocking “All Known Malware Domains”

Posted on February 16th, 2011 in Domain News by dglosser

We’ve been reading how using adblock plus with the malwaredomains subscription will block “All Known Malware Domains”.

While running AdBlock Plus with the the malwaredomains subscription is highly recommended. But it should be seen as part of a defense-in-depth approach to preventing malware from infecting your computer, in conjunction with some or all of the following:

  • keeping your computer fully patched
  • running  antivirus and keeping it up-to-date
  • not browsing the web as administrator
  • running firefox with adblock plus, web of trust, noscript
  • A good host file such as hphosts

PS – Please consider contributing to help keep this list free and useful. For example, we’d like to add SSL to the downloads but do not have the budget at present. Thanks.

List cleanup: 956 domains removed

Posted on February 15th, 2011 in Removed Domains by dglosser

956 domains have been removed.  Please update your blocklists

spyeye, pheonix, palevo, blackhole exploit kit domains

Posted on February 13th, 2011 in gumblar,iframes,New Domains,Spyeye,Trojans,zeus by dglosser

Malicious domains associated with blackhole exploit kit, palevo, gumblar, spyeye and other exploits. Sources include honeywhales.com, honeywhales.com, stopmalvertising.com (Every source is always listed in the domains.txt file):

0did .co .cc 1iuhebritur .com
0r9h .co .cc 24thehshsdw .com
1gov .co .cc 3ffhi5uehbg .com
2gov .co .cc 4oihtgfgklnld .com
asfirey .com 5dshhgodhgi .com
autoklad .net 7hrtheg8deg .com
axstat .com 9f348hthgsf .com
banage .ru ajirfqradve .com
bevelli .com antispamverification .com
bgnt .net asfiuweof .co .cc
bki1 .co .cc automaticyaran .com
bki3 .co .cc av-updates .cw .cm
brempinok .com banjalucke-ljepotice .ru
cityjas .info bnet .doesntexist .org
clicklive .info booblegum22 .co .cc
codelive .info browsewriter .in
cupit-dom .com cheburash .ind .in
d1-eniro .com cl-whitelist .com
datayakoz .info clickweekend .info
disdarred .info co-co-co-co .cz .cc
dlm3 .co .cc diveintoaccessibility .org
dlm7 .co .cc facebook-surprise-jnsd .tk
eiub4ugbud .com facebook-surprise-ness .tk
elgeriofey .com findweekend .info
erubf .info foxypredators .com
flylive .info golontsaver1 .com
g-oogl-e .com gotbigbooty .org
gdsg .co .cc gube2qome8 .cz .cc
geodemy .com hotgallerygirls4u .com
goneblast .com hotvalentin .info
h4rthrt .co .cc houseaskme .info
hca-media .com hw9 .hostseguro .com
hotupdate .ru jebena .ananikolic .su
hujn .co .cc kirmayerlaw .com
hushstar .net lolallvolume .com
inkstock .gr makeitmove .com .au
jastrade .info mandoguard4 .com
jpg7 .cz .cc nawidakhgar .com
kaddos .ru nepalembassy .pk
ko6l .co .cc no-email-spam .com
kolhat .pl odemuamodve .com
kotofey .com ohjvnkvodve .com
lmagehost .com parislemarais .com
loanlove .info pcactivitydebugger .com
locodap .co .cc pcprecautionscenter .com
loveloan .info pcprotectionservant .com
magicbed .co .kr pyxovirginia .in
makliop .biz resortsinitaly .com
mixvide .info sagehillweb .com
naga2013 .co .cc satel25nbr .co .cc
naga2014 .co .cc sgtbcollege .org
nero .gol .ge silnopernul .co .cc
onmimay .com starmediainfo .in
pardokkate .com statick-dns .com
pay-clicks .ru storage-reportcenter678 .net
popatube .info storage-spectrgrover677 .net
pornero .info storageistorg-basdan678 .com
prodriver .ru supermovieshow .in
pushot .com swaytindel .com
reflerman .com systemtasksoptimizer .com
sb .uz t43hotorhe .com
seastats .com teamauctions .com
shljapa .com tuqidig5 .co .cc
t6ryt56 .info update-win-soft .ipq .co
trquebec .in urcdw .zavoddebila .com
vwi8 .co .cc v5881 .vozenet .com
vwi9 .co .cc valentincredit .info
web-der .com valentinsource .info
webfamba .in veodejtikkkaa .in
webzadel .in videospartyh .info
wildprize .com virgilguard1 .com
wodied .net vivaxmotos .com
wudcmb .net weekendbest .info
yaholove .info wellcomedowqa .co .cc
yahoone .info xeydvpyxvtacr .in
yakozbuy .info yahodigital .info
yakozwin .info yakozcool .info
youtube .me .uk zanzabaros .com
zxstats .com

This malware block lists provided here are for free for noncommercial use as part of the fight against malware. Any use of this list commercially is strictly prohibited without prior approval.

Please help to keep this site free and donate whatever you can. All donations go to hosting and infrastructure costs.

Also, yearly sponsorships are available. Full acknowledgment, an icon, and link back to your site will be placed in the left sidebar.

Domains.txt file is the complete list along with original reference.
Justdomains contains list of only the domain names.

Please download files from mirror if possible: http://mirror1.malwaredomains.com/files/

BOOT file is in MS DNS format. spywaredomains.zones file is in BIND format.

Also Available in AdBlock, ISA, and MaraDNS formats.

A trusted source on the WOT-the Web of Trust . Used by SURBL, MOREnet, SANs, and others…

AMaDa Proactive Blocklist

Posted on February 12th, 2011 in Domain News by dglosser

amada.abuse.ch has several blocklists, including a C&C Domain Blocklist, IP Domain Blocklist, and a beta Proactive blocklist. Worth checking out.