Feed

Bulk Registrars, URL Shorteners, Dynamic DNS Providers

Posted on October 27th, 2011 in Domain News by dglosser

We’ve been maintaining  lists of Bulk Registrars, Dynamic DNS Providers, and URL Shorteners..

http://www.malwaredomains.com/wordpress/?p=1991

We just added a new list of “unverified” URL Shorteners here: url_shorteners-unverified.txt

We’ll be going through the URLs and adding them to the main list once they have been verified. If anyone wishes to help in this effort, please let us know :)

SQLi, Fastflux Botnet, Dirt Jumper and more

Posted on October 25th, 2011 in fastflux,New Domains,RBN,rogue antivirus,Spyeye,sql injection,zeus by dglosser

Added 210 domains associated with SQLi, Dirt Jumper, RBN, fast flux botnets and other maliciousness. Sources include blog.dynamoo.com, ddanchev.blogspot.com, www.malwareurl.com and others

(Every source is  listed in the domains.txt file)

Please help to keep this site free and donate whatever you can:  All donations go to hosting and infrastructure costs.

These malware block lists provided here are for free for noncommercial use as part of the fight against malware.   Any use of this list commercially is strictly prohibited without prior approval.

Yearly sponsorships are available. Full acknowledgment, an icon, and link back to your site will be placed in the left sidebar.

Domains.txt file is the complete list along with original reference.
Justdomains contains list of only the domain names.

BOOT file is in MS DNS format. spywaredomains.zones file is in BIND format. (The mirror for compressed zip files is up and running – please contact us for details.)

Also Available in AdBlock, ISA, and MaraDNS formats.

A trusted source on the WOT-the Web of Trust . Used by SURBL, MOREnet, SANs, and others…

spyeye,zeus,rbn,scam domains

Posted on October 22nd, 2011 in fraud,malvertising,New Domains,Phishing,RBN,Trojans,zeus by dglosser

Added 206 domains associated with rbn, zeus, botnets, etc. Sources:blog.dynamoo.com, www.emergingthreats.net, zeustracker.abuse.ch and many others (Every source is  listed in the domains.txt file)

Please help to keep this site free and donate whatever you can:  All donations go to hosting and infrastructure costs.

These malware block lists provided here are for free for noncommercial use as part of the fight against malware.   Any use of this list commercially is strictly prohibited without prior approval.

Yearly sponsorships are available. Full acknowledgment, an icon, and link back to your site will be placed in the left sidebar.

Domains.txt file is the complete list along with original reference.
Justdomains contains list of only the domain names.

BOOT file is in MS DNS format. spywaredomains.zones file is in BIND format. (The mirror for compressed zip files is up and running – please contact us for details.)

Also Available in AdBlock, ISA, and MaraDNS formats.

A trusted source on the WOT-the Web of Trust . Used by SURBL, MOREnet, SANs, and others…

Over 190 malicious domains added

Posted on October 19th, 2011 in exploit,fraud,malspam,malvertising,New Domains,Trojans,zeus by dglosser

Added over 190 malicious domains associated with rbn, blackholeexploit, zeus, etc. Sources include blog.dynamoo.com, www.malwaredomainlist.com, www.emergingthreats.net.

(Every source is  listed in the domains.txt file)

Please help to keep this site free and donate whatever you can:  All donations go to hosting and infrastructure costs.

These malware block lists provided here are for free for noncommercial use as part of the fight against malware.   Any use of this list commercially is strictly prohibited without prior approval.

Yearly sponsorships are available. Full acknowledgment, an icon, and link back to your site will be placed in the left sidebar.

Domains.txt file is the complete list along with original reference.
Justdomains contains list of only the domain names.

BOOT file is in MS DNS format. spywaredomains.zones file is in BIND format. (The mirror for compressed zip files is up and running – please contact us for details.)

Also Available in AdBlock, ISA, and MaraDNS formats.

A trusted source on the WOT-the Web of Trust . Used by SURBL, MOREnet, SANs, and others…

Malware Defense

Posted on October 18th, 2011 in Domain News by dglosser

Nice mention of this list as part of the Internet Storm Center’s Critical Controls #12  – Malware Defense.

DNS Sinkhole Parser Script Update

Posted on October 16th, 2011 in Domain News by dglosser

DNS Sinkhole Parser Script Update

For those using Guy Bruneau’s DNS Sinkhole ISO, there’s a new sinkhole parser script available.

The new script contains new lists which were not part of the original list.

More information:
http://isc.sans.org/diary/DNS+Sinkhole+Parser+Script+Update/11818

http://www.whitehats.ca/main/index.html

DNS Sinkhole 10/14 Update: 129 New Domains

Posted on October 15th, 2011 in exploit,malspam,malvertising,MoneyMule,New Domains by dglosser

Added 129 domains associated with RBN, moneymule, malspam and other malicious activity you don’t want on your personal computer or network. Sources: www.emergingthreats.net, blog.dynamoo.com, labs.m86security.com and others

(Every source is  listed in the domains.txt file)

Please help to keep this site free and donate whatever you can:  All donations go to hosting and infrastructure costs.

These malware block lists provided here are for free for noncommercial use as part of the fight against malware.   Any use of this list commercially is strictly prohibited without prior approval.

Yearly sponsorships are available. Full acknowledgment, an icon, and link back to your site will be placed in the left sidebar.

Domains.txt file is the complete list along with original reference.
Justdomains contains list of only the domain names.

BOOT file is in MS DNS format. spywaredomains.zones file is in BIND format. (The mirror for compressed zip files is up and running – please contact us for details.)

Also Available in AdBlock, ISA, and MaraDNS formats.

A trusted source on the WOT-the Web of Trust . Used by SURBL, MOREnet, SANs, and others…


Steve Jobs Malspam

Posted on October 12th, 2011 in 0day by dglosser

Guess it was inevitable…  Steve jobs spam leading to malicious exploits.  As the list of exploit domains is still evolving, see the following for more information:

http://community.websense.com/blogs/securitylabs/

http://labs.m86security.com

iframe, moneymule, rbn domains

Posted on October 11th, 2011 in exploit,iframes,malspam,New Domains,rogue antivirus,zeus by dglosser

Added over 120 domains associated with RBN, moneymule,  blackhole exploit kit… Sources include wam.dasient.com, www.emergingthreats.net, www.spamhaus.org  (Every source is  listed in the domains.txt file)

Please help to keep this site free and donate whatever you can:  All donations go to hosting and infrastructure costs.

These malware block lists provided here are for free for noncommercial use as part of the fight against malware.   Any use of this list commercially is strictly prohibited without prior approval.

Yearly sponsorships are available. Full acknowledgment, an icon, and link back to your site will be placed in the left sidebar.

Domains.txt file is the complete list along with original reference.
Justdomains contains list of only the domain names.

BOOT file is in MS DNS format. spywaredomains.zones file is in BIND format. (The mirror for compressed zip files is up and running – please contact us for details.)

Also Available in AdBlock, ISA, and MaraDNS formats.

A trusted source on the WOT-the Web of Trust . Used by SURBL, MOREnet, SANs, and others…


List Recertification: 1260 Domains Removed

Posted on October 8th, 2011 in New Domains,Removed Domains by dglosser

1260 Domains have been removed. The list of removed domains is here.