
One Million Conficker DGA Domains…

Posted on November 12th, 2014 in New Domains by dglosser

We know Conficker/Downadup is years old, but the sad truth is that many organizations still have machines vulnerable to Conficker.

We’ve uploaded Conficker/Downadup A-B-C-D DGA domains for November 2014… Over a million of them(!), called conficker_201411xx.zip (Zip file format only).

These domains are NOT added to any master list. The files are NOT “set it and forget it”… They need to be cleaned up a bit (for example, of any comments).

As with any of our lists, use at your own risk (in this case, especially the risk of false positives or blowing up your DNS server).
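The cleanup and false-positive check mentioned above, sketched as an added example that is not part of the original post or the published files. It assumes one domain per line with `#` or `;` comments (the real file layout is not described here); the function name, the allowlist and the sample names are hypothetical.

```python
import re

# Hostname label rule: letters, digits, hyphen; no leading/trailing hyphen.
LABEL = re.compile(r"^(?!-)[a-z0-9-]{1,63}(?<!-)$")

def clean_domain_list(lines, allowlist=frozenset()):
    """Return (domains, rejected): a sorted, de-duplicated list of valid
    domains, plus (line_no, text, reason) tuples for every dropped entry."""
    domains, rejected = set(), []
    for line_no, raw in enumerate(lines, 1):
        # Assumed comment markers: '#' or ';' through end of line.
        text = re.split(r"[#;]", raw, maxsplit=1)[0].strip()
        if not text:
            continue  # blank or comment-only line
        # First field only, lower-cased, trailing root dot removed.
        name = text.split()[0].lower().rstrip(".")
        labels = name.split(".")
        if (len(name) > 253 or len(labels) < 2 or labels[-1].isdigit()
                or not all(LABEL.match(label) for label in labels)):
            rejected.append((line_no, raw.strip(), "not a valid domain"))
        elif name in allowlist:
            # Never block names the organization is known to depend on.
            rejected.append((line_no, raw.strip(), "allowlisted (possible false positive)"))
        else:
            domains.add(name)
    return sorted(domains), rejected

# Constructed sample input; these names are made up, not taken from the list.
SAMPLE = [
    "# Conficker DGA domains (constructed sample)",
    "",
    "qxzvplkd.example   ; variant B",
    "QXZVPLKD.example.",
    "wkrtmnbz.example # variant C",
    "bad_label!.example",
    "intranet.example",
    "nodots",
]

if __name__ == "__main__":
    good, bad = clean_domain_list(SAMPLE, allowlist={"intranet.example"})
    print("\n".join(good))
    for line_no, text, reason in bad:
        print(f"dropped line {line_no}: {text!r} ({reason})")
```

Reviewing the rejected entries before loading the cleaned list into a resolver shows what was dropped and why, instead of letting malformed lines fail inside the DNS server.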

Sources:
http://net.cs.uni-bonn.de/wg/cs/applications/containing-conficker/
https://www.alienvault.com/open-threat-exchange/blog/detecting-malware-domains-by-syntax-heuristics

Two Requests:

  • PLEASE let us know if this is useful in any way and if we should continue this exercise for December and January’s Conficker Domains.
  • PLEASE let us know if there are any available lists or sources of DGA domains or DGA domain algorithms.

 

 

 
