Feed

458 Domains Added

Posted on May 2nd, 2015 in New Domains by dglosser

Added 458 domains reported by google, joewein, openphish and other sources as malicious, fraud, spam or other badness you don’t want any browser or system connecting to.  Please update your blocklists as follow our terms of use

Over 630 domain added

Posted on May 1st, 2015 in New Domains by dglosser

Added over 630 pharma spam, fraud, phishing domains from dynamoo.com, joewein, spamhaus and others (All domains and sources are listed in our domains.txt file.)

* Please help to keep this site free and donate whatever you can: All donations go to hosting and infrastructure costs
* twitter page: https://twitter.com/malwaredomains

* These malware block lists provided here are for free for noncommercial use as part of the fight against malware. Any use of this list commercially is strictly prohibited without prior approval.
* Please use the “datestamp” and “timestamp” file to determine if the list has been updated and ONLY pull the files you need – abusers will be banned! Use wget -N”!
* Yearly sponsorships are available. Full acknowledgment, an icon, and link back to your site will be placed in the left sidebar.
* Domains.txt file is the complete list along with original reference. Justdomains contains list of only the domain names. BOOT file is in MS DNS format. Malwaredomains.zones file is in BIND format.
* We also have a mirror dedicated to research and Open Source Projects – please contact us for details.

10,955 Pushdo DGA Domains

Posted on April 28th, 2015 in New Domains by dglosser

www.fidelissecurity.com recently published a great article about pushdo.   The list of 10,955 Pushdo domains is  here.

We are always looking for DGA domains.  They probably won’t make it into our main zone files, but we’d like to collect and publish them for researchers and others who may wish to use them either in their DNS blocklist or as part of their IOC efforts

598 VBS Trojan, pharma, Andromeda, exploit domains

Posted on April 27th, 2015 in New Domains by dglosser

Added 598 vbs.trojan.downloader. script.exploit. Andromeda. Pharma Spam domains from dwm.cc, joewein, spamhaus.org and others. Please update your blocklists and follow our terms of use.

Rose Mendes

Huge Update: Over 1200 Domains (Bedep, Dyre, Phishing)

Posted on April 25th, 2015 in New Domains by dglosser

A huge update with 1219 domains added.  Many phishing domains from openphish but also some Bedep and Dyre  domains (from arbornetworks virustotal) and some  flagged by google safebrowsing. (All domains and sources are listed in our domains.txt file.)

* Please help to keep this site free and donate whatever you can: All donations go to hosting and infrastructure costs
* twitter page: https://twitter.com/malwaredomains

* These malware block lists provided here are for free for noncommercial use as part of the fight against malware. Any use of this list commercially is strictly prohibited without prior approval.
* Please use the “datestamp” and “timestamp” file to determine if the list has been updated and ONLY pull the files you need – abusers will be banned! Use wget -N”!
* Yearly sponsorships are available. Full acknowledgment, an icon, and link back to your site will be placed in the left sidebar.
* Domains.txt file is the complete list along with original reference. Justdomains contains list of only the domain names. BOOT file is in MS DNS format. Malwaredomains.zones file is in BIND format.
* We also have a mirror dedicated to research and Open Source Projects – please contact us for details.

sofacy, kins, tinba, russiandoll domains

Posted on April 21st, 2015 in New Domains by dglosser

Added 358 domains associated with sofacy, kins, tinba, russiandoll  and other badness which may be used as an IOC my monitoring your server logs. Sources include pwc.blogs.com, google safebrowsing, spamhaus and others (All domains and sources are listed in our domains.txt file.)

* Please help to keep this site free and donate whatever you can: All donations go to hosting and infrastructure costs
* twitter page: https://twitter.com/malwaredomains

* These malware block lists provided here are for free for noncommercial use as part of the fight against malware. Any use of this list commercially is strictly prohibited without prior approval.
* Please use the “datestamp” and “timestamp” file to determine if the list has been updated and ONLY pull the files you need – abusers will be banned! Use wget -N”!
* Yearly sponsorships are available. Full acknowledgment, an icon, and link back to your site will be placed in the left sidebar.
* Domains.txt file is the complete list along with original reference. Justdomains contains list of only the domain names. BOOT file is in MS DNS format. Malwaredomains.zones file is in BIND format.
* We also have a mirror dedicated to research and Open Source Projects – please contact us for details.

243 New Domains

Posted on April 19th, 2015 in New Domains by dglosser

Added 243 domains from joewein, zeustracker, cybertracker, vxvault and other sources containing domains associated with zeus, Andromeda  and other badness your browser or your users computers connecting to or from. Please update your blocklists and follow our terms of use.

Palevo, phishing, and other malicious domains

Posted on April 17th, 2015 in New Domains by dglosser

Added 180 domains (Palevo C&C, phishing, and other malicious badness) from phishtank, openphish, joxeankoret and others (All domains and sources are listed in our domains.txt file.)

* Please help to keep this site free and donate whatever you can: All donations go to hosting and infrastructure costs
* twitter page: https://twitter.com/malwaredomains

* These malware block lists provided here are for free for noncommercial use as part of the fight against malware. Any use of this list commercially is strictly prohibited without prior approval.
* Please use the “datestamp” and “timestamp” file to determine if the list has been updated and ONLY pull the files you need – abusers will be banned! Use wget -N”!
* Yearly sponsorships are available. Full acknowledgment, an icon, and link back to your site will be placed in the left sidebar.
* Domains.txt file is the complete list along with original reference. Justdomains contains list of only the domain names. BOOT file is in MS DNS format. Malwaredomains.zones file is in BIND format.
* We also have a mirror dedicated to research and Open Source Projects – please contact us for details.

cryptowall domains (phishing, malspam, trojan, zeus too)

Posted on April 14th, 2015 in New Domains by dglosser

Added 258 domains (cryptowall, and some zeus, malicious spam, phishing, and other malicious domains). Sources include malwareurls.joxeankoret.com, www.mwsl.org.cn, threatexpert, and others (All domains and sources are listed in our domains.txt file.)

* Please help to keep this site free and donate whatever you can: All donations go to hosting and infrastructure costs
* twitter page: https://twitter.com/malwaredomains

* These malware block lists provided here are for free for noncommercial use as part of the fight against malware. Any use of this list commercially is strictly prohibited without prior approval.
* Please use the “datestamp” and “timestamp” file to determine if the list has been updated and ONLY pull the files you need – abusers will be banned! Use wget -N”!
* Yearly sponsorships are available. Full acknowledgment, an icon, and link back to your site will be placed in the left sidebar.
* Domains.txt file is the complete list along with original reference. Justdomains contains list of only the domain names. BOOT file is in MS DNS format. Malwaredomains.zones file is in BIND format.
* We also have a mirror dedicated to research and Open Source Projects – please contact us for details.

244 new domains added (phishing, tinba, dyreza, attack pages)

Posted on April 13th, 2015 in New Domains by dglosser

added 244 new domains (attack pages, phishing, tinba) from google safebrowsing, virustotal, phishtank and others. (All domains and sources are listed in our domains.txt file.)

* Please help to keep this site free and donate whatever you can: All donations go to hosting and infrastructure costs
* twitter page: https://twitter.com/malwaredomains

* These malware block lists provided here are for free for noncommercial use as part of the fight against malware. Any use of this list commercially is strictly prohibited without prior approval.
* Please use the “datestamp” and “timestamp” file to determine if the list has been updated and ONLY pull the files you need – abusers will be banned! Use wget -N”!
* Yearly sponsorships are available. Full acknowledgment, an icon, and link back to your site will be placed in the left sidebar.
* Domains.txt file is the complete list along with original reference. Justdomains contains list of only the domain names. BOOT file is in MS DNS format. Malwaredomains.zones file is in BIND format.
* We also have a mirror dedicated to research and Open Source Projects – please contact us for details.