Feed

146 domains added

Posted on February 26th, 2013 in New Domains by dglosser

Added 146 domains from www.malwarepatrol.net, malwareurls.joxeankoret.com, virustracker.info and other sources (all sources are listed in our domains.txt file.)

* Please help to keep this site free and donate whatever you can:  All donations go to hosting and infrastructure costs.
* These malware block lists provided here are for free for noncommercial use as part of the fight against malware.   Any use of this list commercially is strictly prohibited without prior approval.
* Please use the “datestamp” and “timestamp” file to determine if the list has been updated and ONLY pull the files you need – abusers will be bannedUse wget -N”!
* Yearly sponsorships are available. Full acknowledgment, an icon, and link back to your site will be placed in the left sidebar.
* Domains.txt file is the complete list along with original reference. Justdomains contains list of only the domain names. BOOT file is in MS DNS format. Malwaredomains.zones file is in BIND format.  Also Available in AdBlock, ISA, and MaraDNS formats. A trusted source on the WOT-the Web of Trust . Used by SURBL, MOREnet, SANs, and others…

We also have a mirror dedicated to research and Open Source Projects – please contact us for details.

NO ZONE FILES ARE LOCATED ON THIS SITE.  Users  and ip addresses which repeatedly attempt to download zone files directly from this site will be banned from all downloads.

Two important updates

Posted on February 22nd, 2013 in New Domains by dglosser

A couple of important updates – 363 domains added on 2/20  and another 220 added on 2/21 (lots of the malicious iframe domains). Please update your blocklists and remember that the main site has NO domain or zone files.

NBC.com redirecting to Exploit kit

Posted on February 21st, 2013 in 0day by dglosser

From https://isc.sans.edu/:

the NBC[.]com website is redirecting to malicious websites that contains exploitkit.
At this point it seems like most of the pages contains an iframe that is redirecting to the first stage of the RedKit exploit kit.
Some of the iframes :

hxxp://www.jaylenosgarage[.]com/trucks/PHP/google.php
hxxp://toplineops[.]com/mtnk.html
hxxp://jaylenosgarage[.]com

We’ll add these iframe domains tonight but you should not wait

 Update: more complete list of domains here  –>> http://ddanchev.blogspot.com/2013/02/dissecting-nbcs-exploits-and-malware.html

CritXPack, zeus, expiro domains

Posted on February 19th, 2013 in New Domains by dglosser

Added 190+ domains associated with zeus/gameover, expiro_z, CritXPack and other badness. Sources include virustracker.info, hosts-file.net, blog.dynamoo.com and others (all sources are listed in our domains.txt file.)

* Please help to keep this site free and donate whatever you can:  All donations go to hosting and infrastructure costs.
* These malware block lists provided here are for free for noncommercial use as part of the fight against malware.   Any use of this list commercially is strictly prohibited without prior approval.
* Please use the “datestamp” and “timestamp” file to determine if the list has been updated and ONLY pull the files you need – abusers will be bannedUse wget -N”!
* Yearly sponsorships are available. Full acknowledgment, an icon, and link back to your site will be placed in the left sidebar.
* Domains.txt file is the complete list along with original reference. Justdomains contains list of only the domain names. BOOT file is in MS DNS format. Malwaredomains.zones file is in BIND format.  Also Available in AdBlock, ISA, and MaraDNS formats. A trusted source on the WOT-the Web of Trust . Used by SURBL, MOREnet, SANs, and others…

We also have a mirror dedicated to research and Open Source Projects – please contact us for details.

NO ZONE FILES ARE LOCATED ON THIS SITE.  Users  and ip addresses which repeatedly attempt to download zone files directly from this site will be banned from all downloads.

Site Delisting: marchex.com

Posted on February 18th, 2013 in Removed Domains by dglosser

marchex .com has been delisted and will be removed on the next update.

 

175 new domains

Posted on February 16th, 2013 in New Domains by dglosser

Added 175 new domains from blog.dynamoo.com,  riskanalytics.com, and safebrowsing.clients.google.com

* Please help to keep this site free and donate whatever you can:  All donations go to hosting and infrastructure costs.
* These malware block lists provided here are for free for noncommercial use as part of the fight against malware.   Any use of this list commercially is strictly prohibited without prior approval.
* Please use the “datestamp” and “timestamp” file to determine if the list has been updated and ONLY pull the files you need – abusers will be bannedUse wget -N”!
* Yearly sponsorships are available. Full acknowledgment, an icon, and link back to your site will be placed in the left sidebar.
* Domains.txt file is the complete list along with original reference. Justdomains contains list of only the domain names. BOOT file is in MS DNS format. Malwaredomains.zones file is in BIND format.  Also Available in AdBlock, ISA, and MaraDNS formats. A trusted source on the WOT-the Web of Trust . Used by SURBL, MOREnet, SANs, and others…

We also have a mirror dedicated to research and Open Source Projects – please contact us for details.

NO ZONE FILES ARE LOCATED ON THIS SITE.  Users  and ip addresses which repeatedly attempt to download zone files directly from this site will be banned from all downloads.

 

 

Big Update – 225 Malspam Domains

Posted on February 13th, 2013 in malspam,New Domains by dglosser

Added 225 malicious spam domains from Dynamoo’s awesome blog (http://blog.dynamoo.com/).

* Please help to keep this site free and donate whatever you can:  All donations go to hosting and infrastructure costs.
* These malware block lists provided here are for free for noncommercial use as part of the fight against malware.   Any use of this list commercially is strictly prohibited without prior approval.
* Please use the “datestamp” and “timestamp” file to determine if the list has been updated and ONLY pull the files you need – abusers will be bannedUse wget -N”!
* Yearly sponsorships are available. Full acknowledgment, an icon, and link back to your site will be placed in the left sidebar.
* Domains.txt file is the complete list along with original reference. Justdomains contains list of only the domain names. BOOT file is in MS DNS format. Malwaredomains.zones file is in BIND format.  Also Available in AdBlock, ISA, and MaraDNS formats. A trusted source on the WOT-the Web of Trust . Used by SURBL, MOREnet, SANs, and others…

We also have a mirror dedicated to research and Open Source Projects – please contact us for details.

NO ZONE FILES ARE LOCATED ON THIS SITE.  Users  and ip addresses which repeatedly attempt to download zone files directly from this site will be banned from all downloads.

 

Feb 6, 8, 10 updates

Posted on February 12th, 2013 in New Domains by dglosser

Feb 6 – 171 new domains added

Feb 8 – 146 new domains added

Feb 10  – 202 new domains added

 

 

Malicious DNS Traffic – /dev/random – Rootshell

Posted on February 5th, 2013 in New Domains by dglosser

Nice article here..  Malicious DNS Traffic: Detection is Good, Proactivity is Better

http://blog.rootshell.be/2013/01/28/malicious-dns-traffic-detection-is-good-proactivity-is-better/

 

 

116 suspicious, malicious domains

Posted on February 4th, 2013 in malspam,New Domains by dglosser

Added 116 domains from blog.dynamoo.com, www.dshield.org, vxvault.siri-urz.net and others (all sources are listed in our domains.txt file.)

* Please help to keep this site free and donate whatever you can:  All donations go to hosting and infrastructure costs.
* These malware block lists provided here are for free for noncommercial use as part of the fight against malware.   Any use of this list commercially is strictly prohibited without prior approval.
* Please use the “datestamp” and “timestamp” file to determine if the list has been updated and ONLY pull the files you need – abusers will be bannedUse wget -N”!
* Yearly sponsorships are available. Full acknowledgment, an icon, and link back to your site will be placed in the left sidebar.
* Domains.txt file is the complete list along with original reference. Justdomains contains list of only the domain names. BOOT file is in MS DNS format. Malwaredomains.zones file is in BIND format.  Also Available in AdBlock, ISA, and MaraDNS formats. A trusted source on the WOT-the Web of Trust . Used by SURBL, MOREnet, SANs, and others…

We also have a mirror dedicated to research and Open Source Projects – please contact us for details.

NO ZONE FILES ARE LOCATED ON THIS SITE.  Users  and ip addresses which repeatedly attempt to download zone files directly from this site will be banned from all downloads.