Feed

Botnet spam, Zeus, BHEK, iframes…

Posted on February 27th, 2014 in New Domains by dglosser

Added 200 domains on 2/22 and 2/24 associated with Black Hole Exploit Kit, Botnet Spam, malicious iframes, etc. Please update your blocklist and follow our terms of use

ru8080, Neutrino, Malvertising, AnglerEK domains

Posted on February 20th, 2014 in New Domains by dglosser

Added 294 domains (malspam, malvertising, Angler Exploit Kit, ru 8080, etc) domains on 2/17 and 2/19. Sources include app.webinspector.com, blog.dynamoo.com, www.webroot.com (All domains and sources are listed in our domains.txt file.)

* Please help to keep this site free and donate whatever you can: All donations go to hosting and infrastructure costs
* twitter page: https://twitter.com/malwaredomains

* These malware block lists provided here are for free for noncommercial use as part of the fight against malware. Any use of this list commercially is strictly prohibited without prior approval.
* Please use the “datestamp” and “timestamp” file to determine if the list has been updated and ONLY pull the files you need – abusers will be banned! Use wget -N”!
* Yearly sponsorships are available. Full acknowledgment, an icon, and link back to your site will be placed in the left sidebar.
* Domains.txt file is the complete list along with original reference. Justdomains contains list of only the domain names. BOOT file is in MS DNS format. Malwaredomains.zones file is in BIND format.
* Also Available in AdBlock, ISA, and MaraDNS formats. A trusted source on the WOT-the Web of Trust . Used by SURBL, MOREnet, SANs, and others…
* We also have a mirror dedicated to research and Open Source Projects – please contact us for details.

341 New Domains…

Posted on February 17th, 2014 in New Domains by dglosser

Added 341 new domains. Please update your blocklist and follow our terms of use

341 new domains (cryptolocker, asprox,carto,jackPOS,etc)

Posted on February 13th, 2014 in New Domains by dglosser

Added 341 new domains (cryptolocker, asprox carto, jackPOS, etc.) While some of the domains and C&C servers may have been taken down or sinkholed,  adding these domains to your internal DNS server resolving to your own web server will help you identify which of your clients are infected on your local network.

Sources include blog.dynamoo.com, community.emc.com, malwareurls.joxeankoret.com, rebsnippets.blogspot.com (All domains and sources are listed in our domains.txt file.)

* Please help to keep this site free and donate whatever you can: All donations go to hosting and infrastructure costs
* twitter page: https://twitter.com/malwaredomains

* These malware block lists provided here are for free for noncommercial use as part of the fight against malware. Any use of this list commercially is strictly prohibited without prior approval.
* Please use the “datestamp” and “timestamp” file to determine if the list has been updated and ONLY pull the files you need – abusers will be banned! Use wget -N”!
* Yearly sponsorships are available. Full acknowledgment, an icon, and link back to your site will be placed in the left sidebar.
* Domains.txt file is the complete list along with original reference. Justdomains contains list of only the domain names. BOOT file is in MS DNS format. Malwaredomains.zones file is in BIND format.
* Also Available in AdBlock, ISA, and MaraDNS formats. A trusted source on the WOT-the Web of Trust . Used by SURBL, MOREnet, SANs, and others…
* We also have a mirror dedicated to research and Open Source Projects – please contact us for details.

 

 

ransonware, malicious js, linkup domains

Posted on February 10th, 2014 in New Domains by dglosser

Huge update of over 550 domains associated with linkup, iframes, malicious javascript, ransonware, etc. Sources include malwaredomainlist.com, totalhash.com, labs.sucuri.net, malwr.com,joxeankoret.com and others (All domains and sources are listed in our domains.txt file.)

* Please help to keep this site free and donate whatever you can: All donations go to hosting and infrastructure costs
* twitter page: https://twitter.com/malwaredomains

* These malware block lists provided here are for free for noncommercial use as part of the fight against malware. Any use of this list commercially is strictly prohibited without prior approval.
* Please use the “datestamp” and “timestamp” file to determine if the list has been updated and ONLY pull the files you need – abusers will be banned! Use wget -N”!
* Yearly sponsorships are available. Full acknowledgment, an icon, and link back to your site will be placed in the left sidebar.
* Domains.txt file is the complete list along with original reference. Justdomains contains list of only the domain names. BOOT file is in MS DNS format. Malwaredomains.zones file is in BIND format.
* Also Available in AdBlock, ISA, and MaraDNS formats. A trusted source on the WOT-the Web of Trust . Used by SURBL, MOREnet, SANs, and others…
* We also have a mirror dedicated to research and Open Source Projects – please contact us for details.

200+ browserlock/ransomware domains added

Posted on February 6th, 2014 in New Domains by dglosser

Added over 400 domains in total… Over 200 were associated with browserlock, ransomware, browlock, etc.  Please update your blocklists and follow our terms of use.

Another Big Update: 437 Domains

Posted on February 3rd, 2014 in New Domains by dglosser

Another big update, 437 domains. Sources include: www.spamhaus.org, malwareurls.joxeankoret.com, www.nictasoft.com (All domains and sources are listed in our domains.txt file.)

* Please help to keep this site free and donate whatever you can: All donations go to hosting and infrastructure costs
* twitter page: https://twitter.com/malwaredomains

* These malware block lists provided here are for free for noncommercial use as part of the fight against malware. Any use of this list commercially is strictly prohibited without prior approval.
* Please use the “datestamp” and “timestamp” file to determine if the list has been updated and ONLY pull the files you need – abusers will be banned! Use wget -N”!
* Yearly sponsorships are available. Full acknowledgment, an icon, and link back to your site will be placed in the left sidebar.
* Domains.txt file is the complete list along with original reference. Justdomains contains list of only the domain names. BOOT file is in MS DNS format. Malwaredomains.zones file is in BIND format.
* Also Available in AdBlock, ISA, and MaraDNS formats. A trusted source on the WOT-the Web of Trust . Used by SURBL, MOREnet, SANs, and others…
* We also have a mirror dedicated to research and Open Source Projects – please contact us for details.

Big update: 430 domains

Posted on February 1st, 2014 in New Domains by dglosser

Added 430 domains from the usual great sources (malwareurls.joxeankoret.com, zeustracker.abuse.ch, blog.dynamoo.com, etc.) These domains are associated with exploit kits, zeus, redkit, iframes, etc – nothing you’d want your browser to access. (All domains and sources are listed in our domains.txt file.)

* Please help to keep this site free and donate whatever you can: All donations go to hosting and infrastructure costs
* twitter page: https://twitter.com/malwaredomains (may be down, we are testing)

* These malware block lists provided here are for free for noncommercial use as part of the fight against malware. Any use of this list commercially is strictly prohibited without prior approval.
* Please use the “datestamp” and “timestamp” file to determine if the list has been updated and ONLY pull the files you need – abusers will be banned! Use wget -N”!
* Yearly sponsorships are available. Full acknowledgment, an icon, and link back to your site will be placed in the left sidebar.
* Domains.txt file is the complete list along with original reference. Justdomains contains list of only the domain names. BOOT file is in MS DNS format. Malwaredomains.zones file is in BIND format.
* Also Available in AdBlock, ISA, and MaraDNS formats. A trusted source on the WOT-the Web of Trust . Used by SURBL, MOREnet, SANs, and others…
* We also have a mirror dedicated to research and Open Source Projects – please contact us for details.