Feed

cryptolocker, cryptowall, putter panda, nuclear domains

Posted on June 13th, 2014 in New Domains by dglosser

Added over 200 domains associated with Nuclear EK. Putter Panda, Cryptolocker, Cryptowall… Sources include blogs.cisco.com, gist.github.com, www.crowdstrike.com   (All domains and sources are listed in our domains.txt file.)

* Please help to keep this site free and donate whatever you can: All donations go to hosting and infrastructure costs
* twitter page: https://twitter.com/malwaredomains

* These malware block lists provided here are for free for noncommercial use as part of the fight against malware. Any use of this list commercially is strictly prohibited without prior approval.
* Please use the “datestamp” and “timestamp” file to determine if the list has been updated and ONLY pull the files you need – abusers will be banned! Use wget -N”!
* Yearly sponsorships are available. Full acknowledgment, an icon, and link back to your site will be placed in the left sidebar.
* Domains.txt file is the complete list along with original reference. Justdomains contains list of only the domain names. BOOT file is in MS DNS format. Malwaredomains.zones file is in BIND format.
* Also Available in AdBlock, ISA, and MaraDNS formats. A trusted source on the WOT-the Web of Trust . Used by SURBL, MOREnet, SANs, and others…
* We also have a mirror dedicated to research and Open Source Projects – please contact us for details.

Putter Panda Domains Wanted

Posted on June 11th, 2014 in New Domains by dglosser

Great report by Crowdstrike on Panda Putter. We’ll be extracting domains from this report, but you may not wish to wait that long (and send us your list!)

Gameover Zeus Domains

Posted on June 9th, 2014 in New Domains by dglosser

http://www.fbi.gov/news/stories/2014/june/gameover-zeus-botnet-disrupted

The list of over 190,000 (!) domains were listed in the full report.  Lenny from  netcowboy.dk managed to extract those domains and made it available to us (http://mirror1.malwaredomains.com/files/Zeus-Gameover.zip).  Please let us know if you are  brave enough to load into your own DNS server and if you received any hits. Thanks Lenny!

Almost 4000 domains delisted

Posted on June 8th, 2014 in New Domains by dglosser

Almost 4000 domains have been delisted – please update your blocklists

 

mirror1 maintenace -completed

Posted on June 8th, 2014 in New Domains by dglosser

Update: maintenance is completed.

 

Maintenance is being performed on mirror1. It may be sporadically offline or out-of-sync with the other mirrors. We anticipate mirror1 will be fully up-and-running this evening

 

Recent Updates

Posted on June 6th, 2014 in New Domains by dglosser

5-30 – 335 domains

6-3 -  168 domains

6-6  – 610 domains

Big Update – 486 domains

Posted on May 24th, 2014 in New Domains by dglosser

Added 486 domains (darkcomet, poisonivy, njrat, etc) sourced from www.sophos.com, www.mwsl.org.cn, malwareconfig.com and others   (All domains and sources are listed in our domains.txt file.)

* Please help to keep this site free and donate whatever you can: All donations go to hosting and infrastructure costs
* twitter page: https://twitter.com/malwaredomains

* These malware block lists provided here are for free for noncommercial use as part of the fight against malware. Any use of this list commercially is strictly prohibited without prior approval.
* Please use the “datestamp” and “timestamp” file to determine if the list has been updated and ONLY pull the files you need – abusers will be banned! Use wget -N”!
* Yearly sponsorships are available. Full acknowledgment, an icon, and link back to your site will be placed in the left sidebar.
* Domains.txt file is the complete list along with original reference. Justdomains contains list of only the domain names. BOOT file is in MS DNS format. Malwaredomains.zones file is in BIND format.
* Also Available in AdBlock, ISA, and MaraDNS formats. A trusted source on the WOT-the Web of Trust . Used by SURBL, MOREnet, SANs, and others…
* We also have a mirror dedicated to research and Open Source Projects – please contact us for details.

260 domains added (poisonivy, darkcomet, cryptolocker, etc)

Posted on May 20th, 2014 in New Domains by dglosser

Added 260 domains sourced from blog.dynamoo.com, www.spamhaus.org, malwareconfig.com    (All domains and sources are listed in our domains.txt file.)

* Please help to keep this site free and donate whatever you can: All donations go to hosting and infrastructure costs
* twitter page: https://twitter.com/malwaredomains

* These malware block lists provided here are for free for noncommercial use as part of the fight against malware. Any use of this list commercially is strictly prohibited without prior approval.
* Please use the “datestamp” and “timestamp” file to determine if the list has been updated and ONLY pull the files you need – abusers will be banned! Use wget -N”!
* Yearly sponsorships are available. Full acknowledgment, an icon, and link back to your site will be placed in the left sidebar.
* Domains.txt file is the complete list along with original reference. Justdomains contains list of only the domain names. BOOT file is in MS DNS format. Malwaredomains.zones file is in BIND format.
* Also Available in AdBlock, ISA, and MaraDNS formats. A trusted source on the WOT-the Web of Trust . Used by SURBL, MOREnet, SANs, and others…
* We also have a mirror dedicated to research and Open Source Projects – please contact us for details.

malspam, zeus, botnet domains…

Posted on May 15th, 2014 in New Domains by dglosser

Added 179 domains (malspam, zeus, botnet,poisonivy, etc). Sources include malwareconfig.com, blog.dynamoo.com and others (All domains and sources are listed in our domains.txt file.)

* Please help to keep this site free and donate whatever you can: All donations go to hosting and infrastructure costs
* twitter page: https://twitter.com/malwaredomains

* These malware block lists provided here are for free for noncommercial use as part of the fight against malware. Any use of this list commercially is strictly prohibited without prior approval.
* Please use the “datestamp” and “timestamp” file to determine if the list has been updated and ONLY pull the files you need – abusers will be banned! Use wget -N”!
* Yearly sponsorships are available. Full acknowledgment, an icon, and link back to your site will be placed in the left sidebar.
* Domains.txt file is the complete list along with original reference. Justdomains contains list of only the domain names. BOOT file is in MS DNS format. Malwaredomains.zones file is in BIND format.
* Also Available in AdBlock, ISA, and MaraDNS formats. A trusted source on the WOT-the Web of Trust . Used by SURBL, MOREnet, SANs, and others…
* We also have a mirror dedicated to research and Open Source Projects – please contact us for details.

fake flash, botnet, malspam domains

Posted on May 12th, 2014 in New Domains by dglosser

Added 247 domains associated with malicious spam, fake flash, botnets. Sources include www.google.com/safebrowsing, zeustracker.abuse.ch, www.spamhaus.org and others All domains and sources are listed in our domains.txt file.)

* Please help to keep this site free and donate whatever you can: All donations go to hosting and infrastructure costs
* twitter page: https://twitter.com/malwaredomains

* These malware block lists provided here are for free for noncommercial use as part of the fight against malware. Any use of this list commercially is strictly prohibited without prior approval.
* Please use the “datestamp” and “timestamp” file to determine if the list has been updated and ONLY pull the files you need – abusers will be banned! Use wget -N”!
* Yearly sponsorships are available. Full acknowledgment, an icon, and link back to your site will be placed in the left sidebar.
* Domains.txt file is the complete list along with original reference. Justdomains contains list of only the domain names. BOOT file is in MS DNS format. Malwaredomains.zones file is in BIND format.
* Also Available in AdBlock, ISA, and MaraDNS formats. A trusted source on the WOT-the Web of Trust . Used by SURBL, MOREnet, SANs, and others…
* We also have a mirror dedicated to research and Open Source Projects – please contact us for details.