Feed

150+ trojan, spyeye, worm, malicious domains

Posted on March 31st, 2012 in exploit,New Domains,Spyeye,Trojans,zeus by dglosser

Added over 150 malicious domains associated with trojans, droppers, spyeye, etc. Sources include threatexpert.com, www.sophos.com, safebrowsing.google.com, exposure.iseclab.org, amada.abuse.ch (all sources are listed in our domain.txt file.)

Compressed files are located at: http://www.malware-domains.com (full zone files, note the dash)  and http://dns-bh.sagadc.org/.  We also have a mirror dedicated to research and Open Source Projects – contact us for details.

* Please help to keep this site free and donate whatever you can:  All donations go to hosting and infrastructure costs.
* These malware block lists provided here are for free for noncommercial use as part of the fight against malware.   Any use of this list commercially is strictly prohibited without prior approval.
* Please use the “datestamp” and “timestamp” file to determine if the list has been updated and ONLY pull the files you need – abusers will be banned! Use wget -N”!
* Yearly sponsorships are available. Full acknowledgment, an icon, and link back to your site will be placed in the left sidebar.
* Domains.txt file is the complete list along with original reference. Justdomains contains list of only the domain names. BOOT file is in MS DNS format. Malwaredomains.zones file is in BIND format.  Also Available in AdBlock, ISA, and MaraDNS formats. A trusted source on the WOT-the Web of Trust . Used by SURBL, MOREnet, SANs, and others…
exposure.iseclab.org/malware_domains.txt

cybercriminal, hiloti, trojan domains…

Posted on March 28th, 2012 in New Domains by dglosser

Added 164 domains associated with trojan activity, cybercriminals, hiloti, etc.  Sources include iseclab.org, amada.abuse.ch, www.spamhaus.org and others (all sources are listed in our domain.txt file.)

Compressed files are located at: http://www.malware-domains.com (full zone files, note the dash)  and http://dns-bh.sagadc.org/.  We also have a mirror dedicated to research and Open Source Projects – contact us for details.

* Please help to keep this site free and donate whatever you can:  All donations go to hosting and infrastructure costs.
* These malware block lists provided here are for free for noncommercial use as part of the fight against malware.   Any use of this list commercially is strictly prohibited without prior approval.
* Please use the “datestamp” and “timestamp” file to determine if the list has been updated and ONLY pull the files you need – abusers will be banned! Use wget -N”!
* Yearly sponsorships are available. Full acknowledgment, an icon, and link back to your site will be placed in the left sidebar.
* Domains.txt file is the complete list along with original reference. Justdomains contains list of only the domain names. BOOT file is in MS DNS format. Malwaredomains.zones file is in BIND format.  Also Available in AdBlock, ISA, and MaraDNS formats. A trusted source on the WOT-the Web of Trust . Used by SURBL, MOREnet, SANs, and others…
exposure.iseclab.org/malware_domains.txt

Delisting: digestum.es

Posted on March 27th, 2012 in New Domains by dglosser

digestum.es. has been delisted and will be removed on the next update

malspam, exploits, malicious iframes…

Posted on March 26th, 2012 in BH Exploit Kit,exploit,iframes,malspam,malvertising,New Domains by dglosser

Added over 200 domains associated with malspam, black hole exploits, botnets and other badness. Sources include malwareurl.com, google.co.uk, zeustracker.abuse.ch.  Please update your blocklists/sinkhole  and follow  our Terms of Use.

Reminder: the main site does not contain any zone files. Please download files from one our our download mirrors

cloudflare inquiry

Posted on March 23rd, 2012 in New Domains by dglosser

If anyone is using cloudflare, please let us know.  We’re interested in knowing whether or not we can utilize their free service to help reduce bandwidth. Thanks

 

bankpatch, blackenergy, htaccess redirects…

Posted on March 22nd, 2012 in iframes,malvertising,New Domains,rogue antivirus,Trojans,zeus,zlob by dglosser

Add over 190 domains associated with iframes, malicious javascripts, htaccess redirects, malvertising, etc. Sources include sucuri.net, safebrowsing.clients.google.com, iseclab.org and others (all sources are listed in our domain.txt file.)

Compressed files are located at: http://www.malware-domains.com (full zone files, note the dash)  and http://dns-bh.sagadc.org/.  We also have a mirror dedicated to research and Open Source Projects – contact us for details.

* Please help to keep this site free and donate whatever you can:  All donations go to hosting and infrastructure costs.
* These malware block lists provided here are for free for noncommercial use as part of the fight against malware.   Any use of this list commercially is strictly prohibited without prior approval.
* Please use the “datestamp” and “timestamp” file to determine if the list has been updated and ONLY pull the files you need – abusers will be banned! Use wget -N”!
* Yearly sponsorships are available. Full acknowledgment, an icon, and link back to your site will be placed in the left sidebar.
* Domains.txt file is the complete list along with original reference. Justdomains contains list of only the domain names. BOOT file is in MS DNS format. Malwaredomains.zones file is in BIND format.  Also Available in AdBlock, ISA, and MaraDNS formats. A trusted source on the WOT-the Web of Trust . Used by SURBL, MOREnet, SANs, and others…

Backdoors, botnets, malspam, trojan domains

Posted on March 19th, 2012 in malspam,New Domains,Trojans by dglosser

Added over 185 domains associated with trojans, malspam, backdoors, etc. Sources include www.sophos.com, amada.abuse.ch, exposure.iseclab.org and others (every source is  listed in our domains.txt file). Please update your blocklists/sinkhole  and follow  our Terms of Use.

Reminder: the main site does not contain any zone files. Please download files from one our our download mirrors

Site Delistings: suppercook.ru and filegood.ru

Posted on March 15th, 2012 in Removed Domains by dglosser

suppercook.ru and  filegood.ru have been delisted and will be removed on the next update

 

200+ Domains Added

Posted on March 15th, 2012 in BH Exploit Kit,exploit,New Domains,Trojans by dglosser

Old Added over 200 domains (on the 13th, sorry about the late post) associated with pornmocup, black hole exploits. sakura, crimepack, etc. Sources include hosts-file.net, www.malwareurl.com, c-apt-ure.blogspot.com and others (all sources are listed in our domain.txt file.)

Compressed files are located at: http://www.malware-domains.com (full zone files, note the dash)  and http://dns-bh.sagadc.org/.  We also have a mirror dedicated to research and Open Source Projects – contact us for details.

* Please help to keep this site free and donate whatever you can:  All donations go to hosting and infrastructure costs.
* These malware block lists provided here are for free for noncommercial use as part of the fight against malware.   Any use of this list commercially is strictly prohibited without prior approval.
* Please use the “datestamp” and “timestamp” file to determine if the list has been updated and ONLY pull the files you need – abusers will be banned! Use wget -N”!
* Yearly sponsorships are available. Full acknowledgment, an icon, and link back to your site will be placed in the left sidebar.
* Domains.txt file is the complete list along with original reference. Justdomains contains list of only the domain names. BOOT file is in MS DNS format. Malwaredomains.zones file is in BIND format.  Also Available in AdBlock, ISA, and MaraDNS formats. A trusted source on the WOT-the Web of Trust . Used by SURBL, MOREnet, SANs, and others…

Huge Update: 342 Domains Added

Posted on March 11th, 2012 in BH Exploit Kit,exploit,New Domains,Trojans by dglosser

Added 342 domains associated with agent-vcf, bhexploitkit, phoenix exploit kit. zbot, and lots of other badness. Sources include www.sophos.com,   www.malwareurl.com, c-apt-ure.blogspot.com, and many many  others (all sources are listed in our domain.txt file.)

Compressed files are located at: http://www.malware-domains.com (full zone files, note the dash)  and http://dns-bh.sagadc.org/.  We also have a mirror dedicated to research and Open Source Projects – contact us for details.

* Please help to keep this site free and donate whatever you can:  All donations go to hosting and infrastructure costs.
* These malware block lists provided here are for free for noncommercial use as part of the fight against malware.   Any use of this list commercially is strictly prohibited without prior approval.
* Please use the “datestamp” and “timestamp” file to determine if the list has been updated and ONLY pull the files you need – abusers will be banned! Use wget -N”!
* Yearly sponsorships are available. Full acknowledgment, an icon, and link back to your site will be placed in the left sidebar.
* Domains.txt file is the complete list along with original reference. Justdomains contains list of only the domain names. BOOT file is in MS DNS format. Malwaredomains.zones file is in BIND format.  Also Available in AdBlock, ISA, and MaraDNS formats. A trusted source on the WOT-the Web of Trust . Used by SURBL, MOREnet, SANs, and others…