Feed

Delisted and Relisted Domains

Posted on June 8th, 2012 in Domain News,immortal,relisted by dglosser

Thanks to our volunteers, we have some scripts which will help to delist domains in a more timely manner as well as check domains previously delisted to see if they are once again misbehaving.

This last update added almost 75 domains, many of which were previously delisted.

 

 

Immortal Malware Domains

Posted on January 4th, 2012 in Domain News,immortal,Removed Domains by dglosser

We recently revalidated about 800 long-lived, “immortal” malware domains.

These are domains which were identified as malicious anywhere between 90 and 360 days ago. but according to google safebrowsing, are still actively involved in badness.
Some of these domains have been on the DNS-BH List for YEARS.

Of these 800 domains,  55 were removed. That means that 745, or over 93%, are still actively associated with malware.

List of removed (non immortal?) domains:  removed-domains-20120104.txt

List of “the immortals: immortal_domains.txt

A “psychohistory” of these long-lived malicious domains would be interesting and we’d be happy to help with any of those research efforts.

745 still “immortal”
55 removed

Immortal Domains

Posted on November 14th, 2011 in Domain News,immortal,New Domains by dglosser

We just finished recertification of 237 long-lived, “immortal” malware domains.

These are domains which continue to actively serve malware for months if not years.
Some of these domains have been active here for more than two years.

Of those 237 domains, 34, or less than 15% were removed.

That means that over 85% of these long-lived domains are truly “bulletproof”, and  have remained  actively malicious for over two years.

The list of those few removed domains is here: removed-domains-20111112.txt

List of these “immortals”  is here: immortal_domains.txt

List Reorg: Almost 500 domains removed

Posted on September 15th, 2011 in Domain News,immortal,Removed Domains by dglosser

We re-evaluated over 700 domains and removed almost 500 of them.

The list of removed domains are located here:
http://mirror1.malwaredomains.com/files/removed-domains-20110913.txt

About 150 of those domains were previously categorized as “immortal”, or long-lived malware domains – which means they were serving malware for over six months…

Only 37 of those domains were removed.  So 75% of those long-lived malicious domains are really “immortal” , and continued to be actively associated with malware. Wow.

The list of “immortal” domains is located here:

http://mirror1.malwaredomains.com/files/immortal_domains.txt

More Long Lived (immortal) Malware Domains

Posted on November 7th, 2010 in Domain News,immortal by dglosser

We’ve updated the list of  Long Lived (“immortal”) Malware Domains. There are now 1574 domains (!)

These 1574 domains were identified as malicious  anywhere between 90 and 360 days ago,  but according to google safebrowsing, are still actively involved in badness.

New list is located here:longlived_malware_domains.txt

Analysis  of the hosting and registrars of these “immortal” or “Methuselah” malware domains should prove interesting.