Feed

200+ Domains Added

Posted on March 15th, 2012 in BH Exploit Kit,exploit,New Domains,Trojans by dglosser

Old Added over 200 domains (on the 13th, sorry about the late post) associated with pornmocup, black hole exploits. sakura, crimepack, etc. Sources include hosts-file.net, www.malwareurl.com, c-apt-ure.blogspot.com and others (all sources are listed in our domain.txt file.)

Compressed files are located at: http://www.malware-domains.com (full zone files, note the dash)  and http://dns-bh.sagadc.org/.  We also have a mirror dedicated to research and Open Source Projects – contact us for details.

* Please help to keep this site free and donate whatever you can:  All donations go to hosting and infrastructure costs.
* These malware block lists provided here are for free for noncommercial use as part of the fight against malware.   Any use of this list commercially is strictly prohibited without prior approval.
* Please use the “datestamp” and “timestamp” file to determine if the list has been updated and ONLY pull the files you need – abusers will be banned! Use wget -N”!
* Yearly sponsorships are available. Full acknowledgment, an icon, and link back to your site will be placed in the left sidebar.
* Domains.txt file is the complete list along with original reference. Justdomains contains list of only the domain names. BOOT file is in MS DNS format. Malwaredomains.zones file is in BIND format.  Also Available in AdBlock, ISA, and MaraDNS formats. A trusted source on the WOT-the Web of Trust . Used by SURBL, MOREnet, SANs, and others…

Huge Update: 342 Domains Added

Posted on March 11th, 2012 in BH Exploit Kit,exploit,New Domains,Trojans by dglosser

Added 342 domains associated with agent-vcf, bhexploitkit, phoenix exploit kit. zbot, and lots of other badness. Sources include www.sophos.com,   www.malwareurl.com, c-apt-ure.blogspot.com, and many many  others (all sources are listed in our domain.txt file.)

Compressed files are located at: http://www.malware-domains.com (full zone files, note the dash)  and http://dns-bh.sagadc.org/.  We also have a mirror dedicated to research and Open Source Projects – contact us for details.

* Please help to keep this site free and donate whatever you can:  All donations go to hosting and infrastructure costs.
* These malware block lists provided here are for free for noncommercial use as part of the fight against malware.   Any use of this list commercially is strictly prohibited without prior approval.
* Please use the “datestamp” and “timestamp” file to determine if the list has been updated and ONLY pull the files you need – abusers will be banned! Use wget -N”!
* Yearly sponsorships are available. Full acknowledgment, an icon, and link back to your site will be placed in the left sidebar.
* Domains.txt file is the complete list along with original reference. Justdomains contains list of only the domain names. BOOT file is in MS DNS format. Malwaredomains.zones file is in BIND format.  Also Available in AdBlock, ISA, and MaraDNS formats. A trusted source on the WOT-the Web of Trust . Used by SURBL, MOREnet, SANs, and others…

Big Update: 170+ New Domains

Posted on March 2nd, 2012 in exploit,malspam,malvertising,New Domains by dglosser

Added over 170 domains associated with exploits, htaccess redirects, malicious iframes, malicious javascript and other badness. Sources include exposure.iseclab.org, amada.abuse.ch, hosts-file.net and others (every source is  listed in the domains.txt file). Please update your blocklists/sinkhole  and follow  our Terms of Use.

Reminder: the main site does not contain any zone files. Please download files from one our our download mirrors

Carberp, IceX, malvertising, sinowal domains

Posted on February 19th, 2012 in exploit,iframes,malspam,malvertising,New Domains,Trojans,zeus by dglosser

109 new domains added.  Associated with Carberp, IceX, malvertising, sinowal, Zeus, etc. Sources: zeustracker.abuse.ch, spamhaus.org, urlquery.net, google safebrowsing and other (every source is  listed in the domains.txt file)

Compressed files are located at: http://www.malware-domains.com (full zone files, note the dash)  and http://dns-bh.sagadc.org/.  We also have a mirror dedicated to research and Open Source Projects – contact us for details.

* Please help to keep this site free and donate whatever you can:  All donations go to hosting and infrastructure costs.
* These malware block lists provided here are for free for noncommercial use as part of the fight against malware.   Any use of this list commercially is strictly prohibited without prior approval.
* Please use the “datestamp” and “timestamp” file to determine if the list has been updated and ONLY pull the files you need – abusers will be banned! Use the “wget -N”!
* Yearly sponsorships are available. Full acknowledgment, an icon, and link back to your site will be placed in the left sidebar.
* Domains.txt file is the complete list along with original reference. Justdomains contains list of only the domain names. BOOT file is in MS DNS format. Malwaredomains.zones file is in BIND format.  Also Available in AdBlock, ISA, and MaraDNS formats. A trusted source on the WOT-the Web of Trust . Used by SURBL, MOREnet, SANs, and others…

 

Please give it a try and let us know…

 

More pdfexploits, c&c, malvertising domains

Posted on February 17th, 2012 in exploit,malvertising,New Domains,Trojans by dglosser

104 new domains associated with pdf exploits, c&c, malvertising, and other maliciousness added. Sources include exposure.iseclab.org, www.phishtank.com, www3.malekal.com and others (every source is  listed in the domains.txt file). Please update your blocklists/sinkhole  and follow  our Terms of Use.

Another 200+ domains Added

Posted on February 10th, 2012 in exploit,malvertising,New Domains,Trojans,zeus by dglosser

Added 200+ domains associated with the usual exploits, trojans, malvertising, etc. Sources include wepawet.iseclab.org, hosts-file.net, abuse.ch (every source is  listed in the domains.txt file). Please update your blocklists/sinkhole  and follow  our Terms of Use.

bhexploit, htaccess redirects, Incognito, PDF exploits…

Posted on February 6th, 2012 in exploit,New Domains,rogue antivirus,Trojans by dglosser

Added 119 domains listed on xylibox.blogspot.com, malekal.com, exposure.iseclab.org and others (every source is  listed in the domains.txt file). Please update your DNS blocklist/malware sinkhole  and follow  our Terms of Use.

Incognito, malspam, purplehaze domains

Posted on February 3rd, 2012 in exploit,malspam,Trojans,zeus by dglosser

Added 138 malicious domains associated with purple haze, Incognito, malspam, zeus, msupdater, etc. Sources include exposure.iseclab.org, zeustracker.abuse.ch, blog.dynamoo.com (every source is  listed in the domains.txt file)

Reminder: the mirror for compressed zip files is up and running – please contact us for details – right now it has very little usage.

Please help to keep this site free and donate whatever you can:  All donations go to hosting and infrastructure costs.
These malware block lists provided here are for free for noncommercial use as part of the fight against malware.   Any use of this list commercially is strictly prohibited without prior approval.
Please use the “datestamp” and “timestamp” file to determine if the list has been updated and ONLY pull the files you need – abusers will be banned!
Yearly sponsorships are available. Full acknowledgment, an icon, and link back to your site will be placed in the left sidebar.
Domains.txt file is the complete list along with original reference.
Justdomains contains list of only the domain names.
BOOT file is in MS DNS format. spywaredomains.zones file is in BIND format.
Also Available in AdBlock, ISA, and MaraDNS formats.
A trusted source on the WOT-the Web of Trust . Used by SURBL, MOREnet, SANs, and others…

rbackdoor-pihar, bphoster, htaccessredirect domains

Posted on January 22nd, 2012 in exploit,New Domains,Trojans,zeus by dglosser

Added 110 domains yesterday (forgot to post) associated with bphoster, zeus, drivebys, pihar and other badness. Sources include amada.abuse.ch, google safebrowsing, www.spamhaus.org

(every source is  listed in the domains.txt file)

Reminder: the mirror for compressed zip files is up and running – please contact us for details – right now it has very little usage.

Please help to keep this site free and donate whatever you can:  All donations go to hosting and infrastructure costs.

These malware block lists provided here are for free for noncommercial use as part of the fight against malware.   Any use of this list commercially is strictly prohibited without prior approval.

Please use the “datestamp” and “timestamp” file to determine if the list has been updated and ONLY pull the files you need – abusers will be banned!

Yearly sponsorships are available. Full acknowledgment, an icon, and link back to your site will be placed in the left sidebar.

Domains.txt file is the complete list along with original reference.
Justdomains contains list of only the domain names.

BOOT file is in MS DNS format. spywaredomains.zones file is in BIND format.

Also Available in AdBlock, ISA, and MaraDNS formats.

A trusted source on the WOT-the Web of Trust . Used by SURBL, MOREnet, SANs, and others…

Over 190 malicious domains added

Posted on October 19th, 2011 in exploit,fraud,malspam,malvertising,New Domains,Trojans,zeus by dglosser

Added over 190 malicious domains associated with rbn, blackholeexploit, zeus, etc. Sources include blog.dynamoo.com, www.malwaredomainlist.com, www.emergingthreats.net.

(Every source is  listed in the domains.txt file)

Please help to keep this site free and donate whatever you can:  All donations go to hosting and infrastructure costs.

These malware block lists provided here are for free for noncommercial use as part of the fight against malware.   Any use of this list commercially is strictly prohibited without prior approval.

Yearly sponsorships are available. Full acknowledgment, an icon, and link back to your site will be placed in the left sidebar.

Domains.txt file is the complete list along with original reference.
Justdomains contains list of only the domain names.

BOOT file is in MS DNS format. spywaredomains.zones file is in BIND format. (The mirror for compressed zip files is up and running – please contact us for details.)

Also Available in AdBlock, ISA, and MaraDNS formats.

A trusted source on the WOT-the Web of Trust . Used by SURBL, MOREnet, SANs, and others…