Feed

DNS-BH Update: 37 new malicious domains added

Posted on February 27th, 2008 in fake codecs,New Domains,rogue antivirus by dglosser

From Misc sources, check the domains.txt file for the original source:

1ccfcu.org 2222mb.com
balbv.cn buhaterafe.com
buytraffic.cn chportal.cn
codec-the.com coripastares.com
gt-movies.com infestop.com
jslib2.info mastertools.us
mynudenetwork.com navi-movie.com
nbar.co.kr neosap.ru
new.najd.us nguide.co.kr
noecho.org nokhbah.org
nsworklab.com nuvodka.com
offers-4u.biz ohohoh.co.kr
oicp.net onlinegameblogger.com
oversite.co.kr pawlacz.com
pepato.org sclgntfy.com
spy-rid.com spywareisolator.com
swpower-team.net tds-service.net
warinmyarms.com winifixer.com
xanjan.cn  

Help fight spyware: Join the Spyware Listening Post!domains.txt file is the complete list along with original reference

Updates are located at http://www.malwaredomains.com/updates
The full files are located at: http://www.malwaredomains.com/files

BOOT file is in MS DNS format
spywaredomains.zones file is in BIND format

Exploit and Malware Serving Domains and IPs

Posted on February 27th, 2008 in Domain News by dglosser

Immediately add to all blocklists (source: http://ddanchev.blogspot.com/):

buytraffic.cn/in.cgi?11 - 62.149.18.34
sclgntfy.com/ent2763.htm - 85.255.118.12
tds-service.net/in.cgi?20 - 72.233.50.148
spywareisolator.com/landing/?wmid=sga - 72.233.50.150
warinmyarms.com/check/upd.php?t=670 - 58.65.239.114
coripastares.com/in.php?adv=1267&val=3ee328 - 202.83.197.239
xanjan.cn/in.cgi?mikh - 78.109.22.246
chportal.cn/top/count.php?o=4 - 203.117.111.102
buhaterafe.com/in.php?adv=1208&val=65286d - 202.83.197.239
193.109.163.179/exp/count.php
193.109.163.179/exp/getexe.php
78.109.22.242/mikh/1.html
78.109.22.242/sh.html

will be added in tonite’s update but you should add to your blocklists ASAP.