Feed

Palevo, phishing, and other malicious domains

Posted on April 17th, 2015 in New Domains by dglosser

Added 180 domains (Palevo C&C, phishing, and other malicious badness) from phishtank, openphish, joxeankoret and others (All domains and sources are listed in our domains.txt file.)

* Please help to keep this site free and donate whatever you can: All donations go to hosting and infrastructure costs
* twitter page: https://twitter.com/malwaredomains

* These malware block lists provided here are for free for noncommercial use as part of the fight against malware. Any use of this list commercially is strictly prohibited without prior approval.
* Please use the “datestamp” and “timestamp” file to determine if the list has been updated and ONLY pull the files you need – abusers will be banned! Use wget -N”!
* Yearly sponsorships are available. Full acknowledgment, an icon, and link back to your site will be placed in the left sidebar.
* Domains.txt file is the complete list along with original reference. Justdomains contains list of only the domain names. BOOT file is in MS DNS format. Malwaredomains.zones file is in BIND format.
* We also have a mirror dedicated to research and Open Source Projects – please contact us for details.

cryptowall domains (phishing, malspam, trojan, zeus too)

Posted on April 14th, 2015 in New Domains by dglosser

Added 258 domains (cryptowall, and some zeus, malicious spam, phishing, and other malicious domains). Sources include malwareurls.joxeankoret.com, www.mwsl.org.cn, threatexpert, and others (All domains and sources are listed in our domains.txt file.)

* Please help to keep this site free and donate whatever you can: All donations go to hosting and infrastructure costs
* twitter page: https://twitter.com/malwaredomains

* These malware block lists provided here are for free for noncommercial use as part of the fight against malware. Any use of this list commercially is strictly prohibited without prior approval.
* Please use the “datestamp” and “timestamp” file to determine if the list has been updated and ONLY pull the files you need – abusers will be banned! Use wget -N”!
* Yearly sponsorships are available. Full acknowledgment, an icon, and link back to your site will be placed in the left sidebar.
* Domains.txt file is the complete list along with original reference. Justdomains contains list of only the domain names. BOOT file is in MS DNS format. Malwaredomains.zones file is in BIND format.
* We also have a mirror dedicated to research and Open Source Projects – please contact us for details.

244 new domains added (phishing, tinba, dyreza, attack pages)

Posted on April 13th, 2015 in New Domains by dglosser

added 244 new domains (attack pages, phishing, tinba) from google safebrowsing, virustotal, phishtank and others. (All domains and sources are listed in our domains.txt file.)

* Please help to keep this site free and donate whatever you can: All donations go to hosting and infrastructure costs
* twitter page: https://twitter.com/malwaredomains

* These malware block lists provided here are for free for noncommercial use as part of the fight against malware. Any use of this list commercially is strictly prohibited without prior approval.
* Please use the “datestamp” and “timestamp” file to determine if the list has been updated and ONLY pull the files you need – abusers will be banned! Use wget -N”!
* Yearly sponsorships are available. Full acknowledgment, an icon, and link back to your site will be placed in the left sidebar.
* Domains.txt file is the complete list along with original reference. Justdomains contains list of only the domain names. BOOT file is in MS DNS format. Malwaredomains.zones file is in BIND format.
* We also have a mirror dedicated to research and Open Source Projects – please contact us for details.

Request: List of Skype-grabbers and Skype-Resolver domains

Posted on April 12th, 2015 in New Domains by dglosser

I’ve been asked if we have a list of domains of Skype-grabbers and Skype-Resolvers… Unfortunately we do not but are willing to republish (with credit) or aggregate  these domains.

Update: Thanks to Lenny at netcowboy.dk, We just uploaded a list of 53 skype resolvers here

Please email me at mal2waredomains2@3gmail3.com (remove all numbers) if you can help. Thanks

 

malvertising, phishing domains

Posted on April 11th, 2015 in New Domains by dglosser

Added 100 domains associated with malicious ads and phising. (all domains and sources are listed in our domains.txt file.)

* Please help to keep this site free and donate whatever you can: All donations go to hosting and infrastructure costs
* twitter page: https://twitter.com/malwaredomains

* These malware block lists provided here are for free for noncommercial use as part of the fight against malware. Any use of this list commercially is strictly prohibited without prior approval.
* Please use the “datestamp” and “timestamp” file to determine if the list has been updated and ONLY pull the files you need – abusers will be banned! Use wget -N”!
* Yearly sponsorships are available. Full acknowledgment, an icon, and link back to your site will be placed in the left sidebar.
* Domains.txt file is the complete list along with original reference. Justdomains contains list of only the domain names. BOOT file is in MS DNS format. Malwaredomains.zones file is in BIND format.
* We also have a mirror dedicated to research and Open Source Projects – please contact us for details.

snowshoe, rokso, attack pages

Posted on April 9th, 2015 in New Domains by dglosser

Added 430 domains from spamhaus and google safebrowsing (attack pages, rokso, snowshoe, etc). Please update your blocklists and follow our terms of use.

cutwail, dyre, zeus, snowshoe domains

Posted on April 7th, 2015 in New Domains by dglosser

Recently addedover 800 new domains from gist.github.com, spamhaus.org and google safebrowsing (all domains and sources are listed in our domains.txt file.)

* Please help to keep this site free and donate whatever you can: All donations go to hosting and infrastructure costs
* twitter page: https://twitter.com/malwaredomains

* These malware block lists provided here are for free for noncommercial use as part of the fight against malware. Any use of this list commercially is strictly prohibited without prior approval.
* Please use the “datestamp” and “timestamp” file to determine if the list has been updated and ONLY pull the files you need – abusers will be banned! Use wget -N”!
* Yearly sponsorships are available. Full acknowledgment, an icon, and link back to your site will be placed in the left sidebar.
* Domains.txt file is the complete list along with original reference. Justdomains contains list of only the domain names. BOOT file is in MS DNS format. Malwaredomains.zones file is in BIND format.
* We also have a mirror dedicated to research and Open Source Projects – please contact us for details.

Over 1750 domains delisted

Posted on April 5th, 2015 in New Domains by dglosser

Please update your blocklists and follow our terms of use.

195 New Domains

Posted on April 4th, 2015 in New Domains by dglosser

Added 195 domains (cutwail, rig ek,  flagged as malicious from google safebrowsing, etc). from spamhaus, sans, safeweb, malcode, etc (all domains and sources are listed in our domains.txt file.)

* Please help to keep this site free and donate whatever you can: All donations go to hosting and infrastructure costs
* twitter page: https://twitter.com/malwaredomains

* These malware block lists provided here are for free for noncommercial use as part of the fight against malware. Any use of this list commercially is strictly prohibited without prior approval.
* Please use the “datestamp” and “timestamp” file to determine if the list has been updated and ONLY pull the files you need – abusers will be banned! Use wget -N”!
* Yearly sponsorships are available. Full acknowledgment, an icon, and link back to your site will be placed in the left sidebar.
* Domains.txt file is the complete list along with original reference. Justdomains contains list of only the domain names. BOOT file is in MS DNS format. Malwaredomains.zones file is in BIND format.
* We also have a mirror dedicated to research and Open Source Projects – please contact us for details.

Recent Updates

Posted on April 2nd, 2015 in New Domains by dglosser

I’ve been remiss on posting when there’s an update to the blocklist files. Will try to better this month. Here are some recent updates:

3/22 – 394 domains added
3/27 -  1136 domains added3/29 – 729 domains added
3/31 – 906 domains added