Feed

Latest Update: Dynamic DNS, bphoster, cycbot, palevo

Posted on February 28th, 2012 in dynamic dns,malvertising,New Domains,Trojans by dglosser

Added many dynamic dns domains to our dynamic dns  list, and domains associated with bphoster, cycbot, palevo, malvertising to our domain blocklists.  Sources:xylibox.blogspot.com, www.malware-control.com, hosts-file.net and others.

Compressed files are located at: http://www.malware-domains.com (full zone files, note the dash)  and http://dns-bh.sagadc.org/.  We also have a mirror dedicated to research and Open Source Projects – contact us for details.

* Please help to keep this site free and donate whatever you can:  All donations go to hosting and infrastructure costs.
* These malware block lists provided here are for free for noncommercial use as part of the fight against malware.   Any use of this list commercially is strictly prohibited without prior approval.
* Please use the “datestamp” and “timestamp” file to determine if the list has been updated and ONLY pull the files you need – abusers will be banned! Use wget -N”!
* Yearly sponsorships are available. Full acknowledgment, an icon, and link back to your site will be placed in the left sidebar.
* Domains.txt file is the complete list along with original reference. Justdomains contains list of only the domain names. BOOT file is in MS DNS format. Malwaredomains.zones file is in BIND format.  Also Available in AdBlock, ISA, and MaraDNS formats. A trusted source on the WOT-the Web of Trust . Used by SURBL, MOREnet, SANs, and others…

List Recertification: Over 1300 Domains Removed

Posted on February 25th, 2012 in Domain News,Removed Domains by dglosser

Over 1300 domains have been delisted.   Please update your blocklists

Reminders:

  • the main site does not contain any zone files. Please download files from one our our download mirrors
  • Pull ONLY the file you need – there is no need to pull every zone file!  Abusers will be banned!
  • Anyone pulling files more than every 12 hours will be banned!
  • We also have a mirror dedicated to research and Open Source Projects – contact us for details.
  • Please use the “datestamp” and “timestamp” file to determine if the list has been updated and ONLY pull the files you need – abusers will be banned! Use the “wget -N”!

blackhole, cridex, sefnit domains…

Posted on February 24th, 2012 in New Domains by dglosser

Added over 150 domains associated with sefnit, cridex, blackhole, etc. (every source is  listed in the domains.txt file). Please update your blocklists/sinkhole  and follow  our Terms of Use.

Reminder: the main site does not contain any zone files. Please download files from one our our download mirrors

 

 

 

Reminder: where to download our zone files

Posted on February 23rd, 2012 in mirror by dglosser

Reminder: the main site does not contain any zone files. Please download files from one our our download mirrors

.

Carberp, IceX, malvertising, sinowal domains

Posted on February 19th, 2012 in exploit,iframes,malspam,malvertising,New Domains,Trojans,zeus by dglosser

109 new domains added.  Associated with Carberp, IceX, malvertising, sinowal, Zeus, etc. Sources: zeustracker.abuse.ch, spamhaus.org, urlquery.net, google safebrowsing and other (every source is  listed in the domains.txt file)

Compressed files are located at: http://www.malware-domains.com (full zone files, note the dash)  and http://dns-bh.sagadc.org/.  We also have a mirror dedicated to research and Open Source Projects – contact us for details.

* Please help to keep this site free and donate whatever you can:  All donations go to hosting and infrastructure costs.
* These malware block lists provided here are for free for noncommercial use as part of the fight against malware.   Any use of this list commercially is strictly prohibited without prior approval.
* Please use the “datestamp” and “timestamp” file to determine if the list has been updated and ONLY pull the files you need – abusers will be banned! Use the “wget -N”!
* Yearly sponsorships are available. Full acknowledgment, an icon, and link back to your site will be placed in the left sidebar.
* Domains.txt file is the complete list along with original reference. Justdomains contains list of only the domain names. BOOT file is in MS DNS format. Malwaredomains.zones file is in BIND format.  Also Available in AdBlock, ISA, and MaraDNS formats. A trusted source on the WOT-the Web of Trust . Used by SURBL, MOREnet, SANs, and others…

 

Please give it a try and let us know…

 

More pdfexploits, c&c, malvertising domains

Posted on February 17th, 2012 in exploit,malvertising,New Domains,Trojans by dglosser

104 new domains associated with pdf exploits, c&c, malvertising, and other maliciousness added. Sources include exposure.iseclab.org, www.phishtank.com, www3.malekal.com and others (every source is  listed in the domains.txt file). Please update your blocklists/sinkhole  and follow  our Terms of Use.

Mirror is Back Online (also new mirror)

Posted on February 15th, 2012 in Domain News by dglosser

mirror2.malwaredomains.com is back up – direct access to the zone files is working but things like displaying directory indices is a work-in-progress.

We are also testing another mirror  –  compressed full zone files only  –  located at  http://www.malware-domains.com/ (note the dash)

Please give it a try and let us know…

 

 

mirror2.malwaredomains.com temporarily down

Posted on February 14th, 2012 in Domain News by dglosser

mirror2.malwaredmains.com is temporarily down; we will update you once it is back up.  In the meantime, please use one of the other mirrors or contact us for details regarding the mirror handling only compressed files.

 

Backdoors, htaccess redirects, nacha and other malicious domains

Posted on February 13th, 2012 in BH Exploit Kit,New Domains,Trojans,zeus by dglosser

Domains from xylibox.blogspot.com, sucuri.net, blog.dynamoo.com and others were added (every source is  listed in the domains.txt file)

Reminder: the mirror for compressed zip files is up and running – please contact us for details – right now it has very little usage.

* Please help to keep this site free and donate whatever you can:  All donations go to hosting and infrastructure costs.
 
* These malware block lists provided here are for free for noncommercial use as part of the fight against malware.   Any use of this list commercially is strictly prohibited without prior approval.
 
* Please use the “datestamp” and “timestamp” file to determine if the list has been updated and ONLY pull the files you need – abusers will be banned!
 
* Yearly sponsorships are available. Full acknowledgment, an icon, and link back to your site will be placed in the left sidebar.
* Domains.txt file is the complete list along with original reference. Justdomains contains list of only the domain names. BOOT file is in MS DNS format. Malwaredomains.zones file is in BIND format.  Also Available in AdBlock, ISA, and MaraDNS formats. A trusted source on the WOT-the Web of Trust . Used by SURBL, MOREnet, SANs, and others…

Another 200+ domains Added

Posted on February 10th, 2012 in exploit,malvertising,New Domains,Trojans,zeus by dglosser

Added 200+ domains associated with the usual exploits, trojans, malvertising, etc. Sources include wepawet.iseclab.org, hosts-file.net, abuse.ch (every source is  listed in the domains.txt file). Please update your blocklists/sinkhole  and follow  our Terms of Use.