List Update

Posted on May 4th, 2016 in New Domains,Removed Domains by Adam Shinn

Last week we added 457 new domains to the list and removed 9.
We saw another wave of Locky ransomware and Dridex over this past week. Stay safe.

Thank you for using Malware Domains.

New HTTPS mirrors

Posted on May 4th, 2016 in New Domains by Adam Shinn

Thanks to Ernesto Pérez and Paul Bernal of CEDIA for hosting two more mirrors with https. Links to these mirrors can be found on our mirrors page: http://www.malwaredomains.com/?page_id=29

50 New Ransomware Domains Added

Posted on April 28th, 2016 in New Domains,ransomware by Adam Shinn

We added 50 new Locky ransomware domains to the list today. Please update to the latest list.

Keep fighting the good fight. Thank you for using Malware Domains.

Blocked iFrame

Posted on April 26th, 2016 in iframes by Adam Shinn

Looks like a certain dental association sent out a malicious iframe with their dental procedure codes on supplied USB drives. For those of you using the Malware Domains list, the domain has been blocked since 2011. Malware Domains gets a reference a few posts down in this forum: https://www.dslreports.com/forum/r30717075-ADA-just-sent-me-a-surprise

Thank you for using Malware Domains.

List Update

Posted on April 25th, 2016 in dridex,New Domains,Phishing,ransomware,Removed Domains by Adam Shinn

The Malware Domains List has been posted for today. Last week we added 1,604 new domains to the list and removed 171.
Most were phishing domains, but Dridex and Ransomware were top contenders.

Thank you for using Malware Domains.

What You Can Do To Protect Against Ransomware

Posted on April 14th, 2016 in ransomware by Adam Shinn

The increased use of ransomware over the last year has been shocking. Ransomware has infected businesses, hospitals, governments, and the general public at an unprecedented rate. A recent offline backup of your data is one of the few ways to avoid paying a ransom once infected. There are decryption tools available for some variants of ransomware, but these are not always guaranteed to work. Treat ransomware the same way you would disk failure. Make sure you have backups!

We are always on the hunt for malicious domains. If you find evidence of malware being hosted on a domain, please submit it to us here: mal4wa3redoma3ins@gma2il.com (remove all numbers).

Thank you for using Malware Domains.

Updated List

Posted on March 4th, 2016 in New Domains,Removed Domains by Adam Shinn

We have been hard at work updating all of the domains currently on our list. We have removed many domains that are no longer malicious. As of today, every domain on our list has been verified as malicious since 2016. We are working towards keeping this list much more current, and this was a huge step towards that.

Thank you for your support and for using Malware Domains.

Incorrectly Blocked Domain

Posted on January 15th, 2016 in Removed Domains by Adam Shinn

We accidentally blocked the site ‘s.ytimg.com’ as part of an AnglerEK indicator. This was in error as this site is used by youtube.com to display content properly.
As of 15:10 UTC 2016/01/15, this domain has been removed from our blacklist. Sorry for any inconvenience and thank you for using Malware Domains.

HTTPS support

Posted on December 30th, 2015 in mirror by Adam Shinn

We are pleased to announce that we now offer HTTPS support for the www.malwaredomains.com site and for one of our mirrors as well. For those of you requesting this feature, and those who would like to download our list via HTTPS, you can do so here: https://mirror.cedia.org.ec/malwaredomains/
This mirror will also be added to the mirrors page of our blog.

Big thanks to Ernesto Pérez and Paul Bernal of CEDIA for hosting the new mirror.

New Domains and TeslaCrypt

Posted on December 18th, 2015 in New Domains,Removed Domains,TeslaCrypt by Adam Shinn

We’ve added 1560 domains to our blacklist since 12/5. We also removed 745 domains due to a source shutting down their service. We have verified many of these domains to be clean, yet some of them have still come up malicious. In other news, TeslaCrypt has been on the rise recently and we have been able to add multiple domains either hosting or pointing to TelsaCrypt. Keeping fighting the good fight.