Feed

140 exploit, driveby, malicious domains

Posted on September 28th, 2012 in New Domains by dglosser

Added 140 domains associated with drivebys, exploits, etc. Sources include wepawet.iseclab.org, www.urlvoid.com/, sucuri.net
and others (all sources are listed in our domains.txt file.)

* Please help to keep this site free and donate whatever you can:  All donations go to hosting and infrastructure costs.
* These malware block lists provided here are for free for noncommercial use as part of the fight against malware.   Any use of this list commercially is strictly prohibited without prior approval.
* Please use the “datestamp” and “timestamp” file to determine if the list has been updated and ONLY pull the files you need – abusers will be bannedUse wget -N”!
* Yearly sponsorships are available. Full acknowledgment, an icon, and link back to your site will be placed in the left sidebar.
* Domains.txt file is the complete list along with original reference. Justdomains contains list of only the domain names. BOOT file is in MS DNS format. Malwaredomains.zones file is in BIND format.  Also Available in AdBlock, ISA, and MaraDNS formats. A trusted source on the WOT-the Web of Trust . Used by SURBL, MOREnet, SANs, and others…

We also have a mirror dedicated to research and Open Source Projects – please contact us for details.

NO ZONE FILES ARE LOCATED ON THIS SITE.  Users  and ip addresses which repeatedly attempt to download zone files directly from this site will be banned from all downloads.

malvertising, Black Hole Exploit Kit domains

Posted on September 26th, 2012 in New Domains by dglosser

Added a bunch of domains associated with exploit kits, malvertising, and other badness. Sources include www.binrand.com, www.mwis.ru,vxvault.siri-urz.net. (all sources are listed in our domain.txt file.

* Please help to keep this site free and donate whatever you can:  All donations go to hosting and infrastructure costs.
* These malware block lists provided here are for free for noncommercial use as part of the fight against malware.   Any use of this list commercially is strictly prohibited without prior approval.
* Please use the “datestamp” and “timestamp” file to determine if the list has been updated and ONLY pull the files you need – abusers will be bannedUse wget -N”!
* Yearly sponsorships are available. Full acknowledgment, an icon, and link back to your site will be placed in the left sidebar.
* Domains.txt file is the complete list along with original reference. Justdomains contains list of only the domain names. BOOT file is in MS DNS format. Malwaredomains.zones file is in BIND format.  Also Available in AdBlock, ISA, and MaraDNS formats. A trusted source on the WOT-the Web of Trust . Used by SURBL, MOREnet, SANs, and others…

We also have a mirror dedicated to research and Open Source Projects – please contact us for details.

NO ZONE FILES ARE LOCATED ON THIS SITE.  Users  and ip addresses which repeatedly attempt to download zone files directly from this site will be banned from all downloads.

Site delistings

Posted on September 25th, 2012 in New Domains by dglosser

artconcoction.com has been delisted and will be removed on the next update.
There is also a (big) mistake in the zone file, don’t wait for an update on our end; please remove safebrowsing.clients.google.com from your zone files ASAP

Nitro, malspam, risky domains…

Posted on September 23rd, 2012 in exploit,fastflux,malspam,New Domains,Trojans,zeus by dglosser

Added domains associated with Nitro, malspam, etc. Sources include safebrowsing.google.com, www.symantec.com, zeustracker.abuse.ch, blog.dynamoo.com, zataz.com, hosts-file.net (all sources are listed in our domain.txt file.

* Please help to keep this site free and donate whatever you can:  All donations go to hosting and infrastructure costs.
* These malware block lists provided here are for free for noncommercial use as part of the fight against malware.   Any use of this list commercially is strictly prohibited without prior approval.
* Please use the “datestamp” and “timestamp” file to determine if the list has been updated and ONLY pull the files you need – abusers will be bannedUse wget -N”!
* Yearly sponsorships are available. Full acknowledgment, an icon, and link back to your site will be placed in the left sidebar.
* Domains.txt file is the complete list along with original reference. Justdomains contains list of only the domain names. BOOT file is in MS DNS format. Malwaredomains.zones file is in BIND format.  Also Available in AdBlock, ISA, and MaraDNS formats. A trusted source on the WOT-the Web of Trust . Used by SURBL, MOREnet, SANs, and others…

We also have a mirror dedicated to research and Open Source Projects – please contact us for details.

NO ZONE FILES ARE LOCATED ON THIS SITE.  Users  and ip addresses which repeatedly attempt to download zone files directly from this site will be banned from all downloads.

 

 

Several Sept Updates

Posted on September 16th, 2012 in 0day,BH Exploit Kit,malspam,malvertising,New Domains,rogue antivirus by dglosser

Been so busy updating the malware blocklists forgot to update the blog. Recent updates added domains associated with the Java 0day, Black Hole Exploits, etc.   all sources are listed in our domain.txt file.

* Please help to keep this site free and donate whatever you can:  All donations go to hosting and infrastructure costs.
* These malware block lists provided here are for free for noncommercial use as part of the fight against malware.   Any use of this list commercially is strictly prohibited without prior approval.
* Please use the “datestamp” and “timestamp” file to determine if the list has been updated and ONLY pull the files you need – abusers will be banned! Use wget -N”!
* Yearly sponsorships are available. Full acknowledgment, an icon, and link back to your site will be placed in the left sidebar.
* Domains.txt file is the complete list along with original reference. Justdomains contains list of only the domain names. BOOT file is in MS DNS format. Malwaredomains.zones file is in BIND format.  Also Available in AdBlock, ISA, and MaraDNS formats. A trusted source on the WOT-the Web of Trust . Used by SURBL, MOREnet, SANs, and others…

We also have a mirror dedicated to research and Open Source Projects – please contact us for details.

NO ZONE FILES ARE LOCATED ON THIS SITE.  Users  and ip addresses which repeatedly attempt to download zone files directly from this site will be banned from all downloads.

 

Godaddy DDoS Attack

Posted on September 10th, 2012 in 0day by dglosser

Added 80 new malicious domains

Posted on September 9th, 2012 in New Domains by dglosser

Added 80 new malicious domains.  Please update your blocklists/sinkhole and follow our Terms of Use.

Reminder: the main site does not contain any zone files. Only download files from one our our download mirrors.

java exploit domains, rouge antivirus, malspam domains…

Posted on September 8th, 2012 in 0day,BH Exploit Kit,malspam,New Domains,rogue antivirus by dglosser

Added 101 new domains associated with Java exploits, malicious spam, sutratds, fake antivirus, etc. Sources include www.emergingthreats.net, www.google.com/safebrowsing, blog.dynamoo.com  (all sources are listed in our domain.txt file.)
* Please help to keep this site free and donate whatever you can:  All donations go to hosting and infrastructure costs.
* These malware block lists provided here are for free for noncommercial use as part of the fight against malware.   Any use of this list commercially is strictly prohibited without prior approval.
* Please use the “datestamp” and “timestamp” file to determine if the list has been updated and ONLY pull the files you need – abusers will be banned! Use wget -N”!
* Yearly sponsorships are available. Full acknowledgment, an icon, and link back to your site will be placed in the left sidebar.
* Domains.txt file is the complete list along with original reference. Justdomains contains list of only the domain names. BOOT file is in MS DNS format. Malwaredomains.zones file is in BIND format.  Also Available in AdBlock, ISA, and MaraDNS formats. A trusted source on the WOT-the Web of Trust . Used by SURBL, MOREnet, SANs, and others…
We also have a mirror dedicated to research and Open Source Projects – please contact us for details.
NO ZONE FILES ARE LOCATED ON THIS SITE.  Users  and ip addresses which repeatedly attempt to download zone files directly from this site will be banned from all downloads.

Delistings: Almost 4000 domains removed

Posted on September 4th, 2012 in Removed Domains by dglosser

Almost 4000 domains were delisted, please update your blocklists. A full list of the removed domains are here.

Two updates

Posted on September 3rd, 2012 in 0day,BH Exploit Kit,New Domains by dglosser

Been so busy updating the malware blocklists forgot to update the blog. Updates on August 29th and Sept 1st contained domains associated with the Java 0-day, Black Hole Exploits, and other malicious domains you don’t want visiting your desktops or network. Sources include safebrowsing.clients.google.com, www.scumware.org, blog.dynamoo.com and others (all sources are listed in our domain.txt file.)

* Please help to keep this site free and donate whatever you can:  All donations go to hosting and infrastructure costs.
* These malware block lists provided here are for free for noncommercial use as part of the fight against malware.   Any use of this list commercially is strictly prohibited without prior approval.
* Please use the “datestamp” and “timestamp” file to determine if the list has been updated and ONLY pull the files you need – abusers will be banned! Use wget -N”!
* Yearly sponsorships are available. Full acknowledgment, an icon, and link back to your site will be placed in the left sidebar.
* Domains.txt file is the complete list along with original reference. Justdomains contains list of only the domain names. BOOT file is in MS DNS format. Malwaredomains.zones file is in BIND format.  Also Available in AdBlock, ISA, and MaraDNS formats. A trusted source on the WOT-the Web of Trust . Used by SURBL, MOREnet, SANs, and others…

We also have a mirror dedicated to research and Open Source Projects – please contact us for details.

NO ZONE FILES ARE LOCATED ON THIS SITE.  Users  and ip addresses which repeatedly attempt to download zone files directly from this site will be banned from all downloads.