A small but important update with some fariet, run forest run, bh exploit kit domains. Sources include blog.eset.com, microsoft.com, blog.urlvoid.com and others (all sources are listed in our domain.txt file.)
We were just notified that adblock plus subscription is not updating… we are working on the issue and will let you know when it is fixed.
Old versions of Plesk store passwords in clear text
There is a remote SQL vulnerability that has been found in old versions of Plesk allowing attackers to exploit those
Combine these two together and what do you get, malware of course.
Plesk Vulnerability Leading to Malware
Runforestrun and Pseudo Random Domains
We’ve added a bunch of these domains but you should check the resources above, as well as new IP addresses to block.
(Thanks to Jack W. for keeping us up-to-date on these developments.)
We are proud to announce that virustotal has integrated our list into their URL scanning engine.
Since we don’t store full URLS, it’s in the “additional information” field. Thanks to the good folks at virustotal for making this happen!
Two recent updates, adding over 230 domains associated with “RunForestRun, IceIX, Malicious Spam, Malicious Advertising, etc. Sources include www.malwaredomainlist.com, isc.sans.org, hosts-file.net and many more (all sources are listed in our domain.txt file.)
Compressed files are located at: http://www.malware-domains.com (full zone files, note the dash) and http://dns-bh.sagadc.org/. We also have a mirror dedicated to research and Open Source Projects – contact us for details.
NO ZONE FILES ARE LOCATED ON THIS SITE.
* Please help to keep this site free and donate whatever you can: All donations go to hosting and infrastructure costs.
* These malware block lists provided here are for free for noncommercial use as part of the fight against malware. Any use of this list commercially is strictly prohibited without prior approval.
* Please use the “datestamp” and “timestamp” file to determine if the list has been updated and ONLY pull the files you need – abusers will be banned! Use wget -N”!
* Yearly sponsorships are available. Full acknowledgment, an icon, and link back to your site will be placed in the left sidebar.
* Domains.txt file is the complete list along with original reference. Justdomains contains list of only the domain names. BOOT file is in MS DNS format. Malwaredomains.zones file is in BIND format. Also Available in AdBlock, ISA, and MaraDNS formats. A trusted source on the WOT-the Web of Trust . Used by SURBL, MOREnet, SANs, and others…
Added a few domains, but removed over 2000 older domains. Please update your blocklists.
ryactive.com has been delisted and will be removed on the next update.
Reminder: the main site does not contain any zone files. Only download files from one our our download mirrors.
Added over 140 domains associated with trojans, sql injection, malvertising, etc. Sources include www.xylibox.com, safebrowsing.clients.google.com, blog.dynamoo.com and others (all sources are listed in our domain.txt file.)