Feed

multibanker, dnsamplification, malvertising domains

Posted on September 16th, 2013 in malspam,malvertising,New Domains,Phishing by dglosser

Added 174 domains associated with phishing, multibanker, dnsamplification, malvertising  and other badness. Sources: virustracker.info, threattrack.tumblr.com, labs.sucuri.net (all are listed in our domains.txt file.)

* Please help to keep this site free and donate whatever you can: All donations go to hosting and infrastructure costs.
* twitter page: https://twitter.com/malwaredomains
* These malware block lists provided here are for free for noncommercial use as part of the fight against malware. Any use of this list commercially is strictly prohibited without prior approval.
* Please use the “datestamp” and “timestamp” file to determine if the list has been updated and ONLY pull the files you need – abusers will be banned! Use wget -N”!
* Yearly sponsorships are available. Full acknowledgment, an icon, and link back to your site will be placed in the left sidebar.
* Domains.txt file is the complete list along with original reference. Justdomains contains list of only the domain names. BOOT file is in MS DNS format. Malwaredomains.zones file is in BIND format. Also Available in AdBlock, ISA, and MaraDNS formats. A trusted source on the WOT-the Web of Trust . Used by SURBL, MOREnet, SANs, and others…
We also have a mirror dedicated to research and Open Source Projects – please contact us for details.

150+ Malvertising Domains

Posted on September 14th, 2013 in malvertising,New Domains,Phishing by dglosser

Added over 150 domains associated with malicious advertising and malicious ad banners. Please update your blocklists and follow our terms of use

Malicious Spam, Phishing, Multibanker, Malicious Advertising Domains…

Posted on June 28th, 2013 in malspam,malvertising,New Domains,Phishing,Trojans by dglosser

Added 114 domains associated with Phishing, Malicious Ad Banners, sinowal, multibanker, MalSpam, and other badness from blog.dynamoo.com, safebrowsing.clients.google.com, virustracker.info, www.phishtank.com (all sources are listed in our domains.txt file.)

* Please help to keep this site free and donate whatever you can: All donations go to hosting and infrastructure costs.
* twitter page: https://twitter.com/malwaredomains
* These malware block lists provided here are for free for noncommercial use as part of the fight against malware. Any use of this list commercially is strictly prohibited without prior approval.
* Please use the “datestamp” and “timestamp” file to determine if the list has been updated and ONLY pull the files you need – abusers will be banned! Use wget -N”!
* Yearly sponsorships are available. Full acknowledgment, an icon, and link back to your site will be placed in the left sidebar.
* Domains.txt file is the complete list along with original reference. Justdomains contains list of only the domain names. BOOT file is in MS DNS format. Malwaredomains.zones file is in BIND format. Also Available in AdBlock, ISA, and MaraDNS formats. A trusted source on the WOT-the Web of Trust . Used by SURBL, MOREnet, SANs, and others…
We also have a mirror dedicated to research and Open Source Projects – please contact us for details.

Over 250 malvertising, flashback, phishing domains

Posted on April 12th, 2012 in exploit,malvertising,New Domains,Phishing,Trojans by dglosser

Added over 250 domains linked to flashback, phishing, malvertising, etc. Sources include www.threatexpert.com, private correspondence, contagiodump.blogspot.com and others. Please update your blocklists/sinkhole  and follow  our Terms of Use.

Reminder: the main site does not contain any zone files. Only download files from one our our download mirrors.

Small but important update

Posted on November 15th, 2011 in iframes,New Domains,Trojans by dglosser

A small but important update… Domains associated with cve-2011-2140, fast-flux botnets, malicious iframes, etc. were added. Sources include blog.sucuri.net, malc0de.com, dasient.com and others. (Every source is  listed in the domains.txt file)… Remember, the mirror for compressed zip files is up and running – please contact us for details – right now it has very little usage.

Please help to keep this site free and donate whatever you can:  All donations go to hosting and infrastructure costs.

These malware block lists provided here are for free for noncommercial use as part of the fight against malware.   Any use of this list commercially is strictly prohibited without prior approval.

Please use the “datestamp” and “timestamp” file to determine if the list has been updated and ONLY pull the files you need – abusers will be banned!

Yearly sponsorships are available. Full acknowledgment, an icon, and link back to your site will be placed in the left sidebar.

Domains.txt file is the complete list along with original reference.
Justdomains contains list of only the domain names.

BOOT file is in MS DNS format. spywaredomains.zones file is in BIND format.

Also Available in AdBlock, ISA, and MaraDNS formats.

A trusted source on the WOT-the Web of Trust . Used by SURBL, MOREnet, SANs, and others…

Forgery, scam, phishing domains

Posted on September 12th, 2011 in iframes,MoneyMule,New Domains,Phishing,Trojans,zeus by dglosser

Added almost 200 domains associated with scams, frauds, phishing, as well as the usual zeus and malicious domains. Sources include zeustracker.abuse.ch, spamhaus.org, vxvault.siri-urz.net.. (Every source is  listed in the domains.txt file)

Reminder:  The zone and text files are ONLY be available from a mirror and are not available from  the main site!!

Please help to keep this site free and donate whatever you can:  All donations go to hosting and infrastructure costs.

These malware block lists provided here are for free for noncommercial use as part of the fight against malware.   Any use of this list commercially is strictly prohibited without prior approval.

Yearly sponsorships are available. Full acknowledgment, an icon, and link back to your site will be placed in the left sidebar.

Domains.txt file is the complete list along with original reference.
Justdomains contains list of only the domain names.

BOOT file is in MS DNS format. spywaredomains.zones file is in BIND format.

Also Available in AdBlock, ISA, and MaraDNS formats.

A trusted source on the WOT-the Web of Trust . Used by SURBL, MOREnet, SANs, and others…

Site Delisting: bajaao.com

Posted on August 19th, 2011 in Removed Domains by dglosser

bajaao.com has been delisted and will be removed on the next update.

exploit, gbot, rbn, worms… 195 New Domains to Block

Posted on July 16th, 2011 in exploit,RBN,Trojans by dglosser

195 New malicious Domains associated with exploits, rbn, gbot and other badness  to add to your shun or blacklist.  Sources include www.malwareblacklist.com, support.clean-mx.de, securehomenetworks.blogspot.com, riskanalytics.com, safebrowsing.google.com (Every source is  listed in the domains.txt file).

As mentioned in the previous post, one of these domains is cw . cm, which means there will be some overlap in our blocklist until we finish cleaning up the individual entries.

Please help to keep this site free and donate whatever you can:  All donations go to hosting and infrastructure costs.

These malware block lists provided here are for free for noncommercial use as part of the fight against malware.   Any use of this list commercially is strictly prohibited without prior approval.

Yearly sponsorships are available. Full acknowledgment, an icon, and link back to your site will be placed in the left sidebar.

Domains.txt file is the complete list along with original reference.
Justdomains contains list of only the domain names.

Please download files from main mirror: http://mirror1.malwaredomains.com/files/

BOOT file is in MS DNS format. spywaredomains.zones file is in BIND format.

Also Available in AdBlock, ISA, and MaraDNS formats.

A trusted source on the WOT-the Web of Trust . Used by SURBL, MOREnet, SANs, and others…

Urgent Block: xwhoisdns [dot] com

Posted on May 20th, 2011 in 0day,New Domains by dglosser

xwhoisdns . com will be added to tonight’s blocklist, but you may wish to add to your blocklist ASAP.

ThreatExpert has more details on this  guy.

134 new domains to block

Posted on March 4th, 2010 in New Domains,Phishing,rogue antivirus,spam,zeus by dglosser

fastflux, zeus, rogue, skype spam domains. Sources include atlas.arbor.net, blogs.paretologic.com, and others:

27gr .co .tv 34jh7alm94 .asia
88810 .cn 873hgf7xx60 .com
953333 .com a2132959 .0lx .net
aprotect .com abouttraffic .net
arraysaw .com acdbxybadve .com
arraysaw .net autoparck .sumy .ua
arshard .com aviavavilons .net
av-command .com blackhistorypeople .com
avcommand .net botproxy2 .twoblocksdown .com
b11335599 .cn businessboard6124 .net
basiscause .com canadauniversitypress .com
brozsearch .com candyshop451 .com
c36996639 .cn contentserver .ru
c58446658 .cn contrsnid .uz .ua
cavally .in didbotta6 .unipv .it
contempt .in draft5sticks4 .net
d92378523 .cn enteri1llisec .in
disea .info findlostcats .com
ebaat .biz flashplayerpluginonline .com
egn14142nn .ws for-sunny-se .com
egygate .info free-screen-capture-software .com
evertrands .com freeanalsextubemovies .com
everybots .com globostep .info
experrior .eu googleanalinics .com
footbal .rv .ua gotnewfriendbook .com
fructik3 .ru groov .uzhgorod .ua:8080
gameshort .ru h10024 .nb .host127-0-0-1 .com
geo95 .com happytreeporno .com
getsup .info homeamateurclips .com
googleinru .in homesitetoo .com
gromz .net hqexgirl .osa .pl
iescrow .ir illegaloffer .ru
j00k877x .cc imobiliariacanela .com .br
kaliuz .com lmaoimages .com
kolaider .net miamiheraldsi .com
kozzz .in nbsolution .com
m2121212 .cn o17070 .nb .host127-0-0-1 .com
m3131313 .cn personalsystemscan .cn
mn8873nb01 .cc plainjapan .com
natos .info playthisfuck .com
nn31415en .in polycounter .com
oast .com pzignbfxspou .info
polevand .com quickmedialinks .com
redondo .ru redriveruk .com
reilka .co .kr salamangzan .com
reilka .kr santacruzinfo .com .br
reilki .co .kr scoregame .info
reilki .kr searchfeature .org
reilki .ne .kr sendspace .repek .or .kr
reilki .or .kr slinkadult .biz
reilko .co .kr softinternational .net
reilko .kr sportgun .pl .ua
reilko .ne .kr stignita .zapto .org
reilkx .or .kr stoptibetcrisis .net
rioner .com storage84030 .org
scanerborn .cn tdsstdstds .org
sendingout .cn theinputonline .com
serdb01 .com thetubeholder .com
shitstream .cn uncutsouthmovies .com
smile .if .ua valentinsss .info
sunqtr .com w1543 .nb .host127-0-0-1 .com
tabs .pl woodfuelwales .com
updategr .org www-myphoto .com
vallesina .tv x21526 .nb .host192-168-1-2 .com
whyviral .com xxxtoywebsitecheap .com
x-drugs .ru yswzrjkpsp .com
zeroday .cc