Feed

MoneyMule, Redkit, phishing domains…

Posted on June 30th, 2013 in exploit,malspam,malvertising,MoneyMule,New Domains by dglosser

Added 184 domains associated with MoneyMule, Redkit, phishing, neutrino, etc.  Sources:malwareurls.joxeankoret.com, siteinspector.comodo.com, urlquery.net and others (all sources are listed in our domains.txt file.)

* Please help to keep this site free and donate whatever you can: All donations go to hosting and infrastructure costs.
* twitter page: https://twitter.com/malwaredomains
* These malware block lists provided here are for free for noncommercial use as part of the fight against malware. Any use of this list commercially is strictly prohibited without prior approval.
* Please use the “datestamp” and “timestamp” file to determine if the list has been updated and ONLY pull the files you need – abusers will be banned! Use wget -N”!
* Yearly sponsorships are available. Full acknowledgment, an icon, and link back to your site will be placed in the left sidebar.
* Domains.txt file is the complete list along with original reference. Justdomains contains list of only the domain names. BOOT file is in MS DNS format. Malwaredomains.zones file is in BIND format. Also Available in AdBlock, ISA, and MaraDNS formats. A trusted source on the WOT-the Web of Trust . Used by SURBL, MOREnet, SANs, and others…
We also have a mirror dedicated to research and Open Source Projects – please contact us for details.

61 Domains – Blackhole Exploit Kit Suspended

Posted on June 29th, 2013 in Domain News,General Security by dglosser

Malware Must Die reports the suspension of 61 Domains Associated with the Blackhold Exploit kit.  Great News!

If you are tracking domains in your sinkhole, you may wish to add these domains to your own sinkhole.

Malicious Spam, Phishing, Multibanker, Malicious Advertising Domains…

Posted on June 28th, 2013 in malspam,malvertising,New Domains,Phishing,Trojans by dglosser

Added 114 domains associated with Phishing, Malicious Ad Banners, sinowal, multibanker, MalSpam, and other badness from blog.dynamoo.com, safebrowsing.clients.google.com, virustracker.info, www.phishtank.com (all sources are listed in our domains.txt file.)

* Please help to keep this site free and donate whatever you can: All donations go to hosting and infrastructure costs.
* twitter page: https://twitter.com/malwaredomains
* These malware block lists provided here are for free for noncommercial use as part of the fight against malware. Any use of this list commercially is strictly prohibited without prior approval.
* Please use the “datestamp” and “timestamp” file to determine if the list has been updated and ONLY pull the files you need – abusers will be banned! Use wget -N”!
* Yearly sponsorships are available. Full acknowledgment, an icon, and link back to your site will be placed in the left sidebar.
* Domains.txt file is the complete list along with original reference. Justdomains contains list of only the domain names. BOOT file is in MS DNS format. Malwaredomains.zones file is in BIND format. Also Available in AdBlock, ISA, and MaraDNS formats. A trusted source on the WOT-the Web of Trust . Used by SURBL, MOREnet, SANs, and others…
We also have a mirror dedicated to research and Open Source Projects – please contact us for details.

citadel, zeus, styx, iframe domains

Posted on June 26th, 2013 in iframes,New Domains,zeus by dglosser

Huge update of 282 domains associated with Zeus, Citadel, Styx, malicious redirections, iframes, and other badness you don’t want on your network or home computer. Sources: labs.sucuri.net, siteinspector.comodo.com, www.malwaregroup.com, zeustracker.abuse.ch (all sources are listed in our domains.txt file.)

* Please help to keep this site free and donate whatever you can: All donations go to hosting and infrastructure costs.
* twitter page: https://twitter.com/malwaredomains
* These malware block lists provided here are for free for noncommercial use as part of the fight against malware. Any use of this list commercially is strictly prohibited without prior approval.
* Please use the “datestamp” and “timestamp” file to determine if the list has been updated and ONLY pull the files you need – abusers will be banned! Use wget -N”!
* Yearly sponsorships are available. Full acknowledgment, an icon, and link back to your site will be placed in the left sidebar.
* Domains.txt file is the complete list along with original reference. Justdomains contains list of only the domain names. BOOT file is in MS DNS format. Malwaredomains.zones file is in BIND format. Also Available in AdBlock, ISA, and MaraDNS formats. A trusted source on the WOT-the Web of Trust . Used by SURBL, MOREnet, SANs, and others…
We also have a mirror dedicated to research and Open Source Projects – please contact us for details.

Big Update: 278 domains (multibanker, ramnit, sinowal…)

Posted on June 20th, 2013 in New Domains by dglosser

Added 278 domains (multibanker, ramnit, sinowal, styx, malicious spam, etc) from virustracker.info, blog.dynamoo.com, safebrowsing.clients.google.com and others (all sources are listed in our domains.txt file.)

Please update your blocklists and follow our terms of use.

 

124 iframe, malspam,citadel domains

Posted on June 16th, 2013 in New Domains,Trojans,zeus by dglosser

124 iframe, malspam, citadel and other harmful domains added from blog.dynamoo.com, zeustracker.abuse.ch, www.emergingthreats.net and other sources (all sources are listed in our domains.txt file.)

* Please help to keep this site free and donate whatever you can: All donations go to hosting and infrastructure costs.
* twitter page: https://twitter.com/malwaredomains
* These malware block lists provided here are for free for noncommercial use as part of the fight against malware. Any use of this list commercially is strictly prohibited without prior approval.
* Please use the “datestamp” and “timestamp” file to determine if the list has been updated and ONLY pull the files you need – abusers will be banned! Use wget -N”!
* Yearly sponsorships are available. Full acknowledgment, an icon, and link back to your site will be placed in the left sidebar.
* Domains.txt file is the complete list along with original reference. Justdomains contains list of only the domain names. BOOT file is in MS DNS format. Malwaredomains.zones file is in BIND format. Also Available in AdBlock, ISA, and MaraDNS formats. A trusted source on the WOT-the Web of Trust . Used by SURBL, MOREnet, SANs, and others…
We also have a mirror dedicated to research and Open Source Projects – please contact us for details.

Sinkholed Domains

Posted on June 16th, 2013 in Off Topic by dglosser

Should we list domains which are already sinkholed?

It would be useful if you are  capturing and analyzing information….

However, it does limit the amount of research and data that the legitimate companies will be receiving regarding the sinkholed domains…

Email us your thoughts at 124malwaredomains5@9gmail.3com (remove all numbers)

 

 

 

 

bhek, malvertising, phishing domains

Posted on June 13th, 2013 in New Domains by dglosser

100+ harmful domains associated with phishing, malvertising,  BHEK.   Sources: safebrowsing.clients.google.com, www.malwaregroup.com, www.phishtank.com (all sources are listed in our domains.txt file.)

* Please help to keep this site free and donate whatever you can: All donations go to hosting and infrastructure costs.
* twitter page: https://twitter.com/malwaredomains
* These malware block lists provided here are for free for noncommercial use as part of the fight against malware. Any use of this list commercially is strictly prohibited without prior approval.
* Please use the “datestamp” and “timestamp” file to determine if the list has been updated and ONLY pull the files you need – abusers will be banned! Use wget -N”!
* Yearly sponsorships are available. Full acknowledgment, an icon, and link back to your site will be placed in the left sidebar.
* Domains.txt file is the complete list along with original reference. Justdomains contains list of only the domain names. BOOT file is in MS DNS format. Malwaredomains.zones file is in BIND format. Also Available in AdBlock, ISA, and MaraDNS formats. A trusted source on the WOT-the Web of Trust . Used by SURBL, MOREnet, SANs, and others…
We also have a mirror dedicated to research and Open Source Projects – please contact us for details.
NO ZONE FILES ARE LOCATED ON THIS SITE. Users and ip addresses which repeatedly attempt to download zone files directly from this site will be banned from all downloads

BHEKv2, Neutrino, keyboy malvertising domains…

Posted on June 11th, 2013 in BH Exploit Kit,iframes,malspam,malvertising,New Domains,Trojans by dglosser

Added 107 new domains from a variety of sources… BHEKv2, malspam, keyboy, Neutrino, malicious banner ads, android trojan domains, and all sorts of badness originally cited at blog.dynamoo.com, community.rapid7.com, urlquery.net, www.emergingthreats.net and others (all sources are listed in our domains.txt file.)

* Please help to keep this site free and donate whatever you can: All donations go to hosting and infrastructure costs.
* twitter page: https://twitter.com/malwaredomains
* These malware block lists provided here are for free for noncommercial use as part of the fight against malware. Any use of this list commercially is strictly prohibited without prior approval.
* Please use the “datestamp” and “timestamp” file to determine if the list has been updated and ONLY pull the files you need – abusers will be banned! Use wget -N”!
* Yearly sponsorships are available. Full acknowledgment, an icon, and link back to your site will be placed in the left sidebar.
* Domains.txt file is the complete list along with original reference. Justdomains contains list of only the domain names. BOOT file is in MS DNS format. Malwaredomains.zones file is in BIND format. Also Available in AdBlock, ISA, and MaraDNS formats. A trusted source on the WOT-the Web of Trust . Used by SURBL, MOREnet, SANs, and others…
We also have a mirror dedicated to research and Open Source Projects – please contact us for details.
NO ZONE FILES ARE LOCATED ON THIS SITE. Users and ip addresses which repeatedly attempt to download zone files directly from this site will be banned from all downloads

Wikipedia – DNS Sinkhole

Posted on June 11th, 2013 in New Domains by dglosser

Just realized that Wikipedia has an article on DNS Sinkholes.