Feed

malspam, dga, phishing domains

Posted on February 16th, 2015 in New Domains by dglosser

We’ve added a few hundred domains between 2/8  & 2/15 from  dynamoo, mwsl, safebrowsing, openphish.com, zscaler and others. Please update your blocklists and follow our terms of use

 

Recent Updates

Posted on February 7th, 2015 in New Domains by dglosser

2/1 – 799 domains
2/3 – 221 domains
2/6 – 56 domains
Please update your blocklists and follow our terms of use.

364,000 NewGOZ DGA Domains

Posted on January 31st, 2015 in New Domains by dglosser

I took the code from www.johannesbader.ch and ran it for all of 2015. The results are here, the code we used is here.

Please let me know if you find this useful, email me at mal1waredomains2@gmail3.com (remove all numbers).

 

99 new domains (symmi, google safebrowsing)

Posted on January 28th, 2015 in New Domains by dglosser

Added 99 new domains (symmi, google safebrowsing) from www.google.com/safebrowsing and www.johannesbader.ch. Please update your blocklists and follow our terms of use.

shiotob, scieron, tinba domains

Posted on January 26th, 2015 in New Domains by dglosser

Added about 300 domains on 1/24 and 1/25 (shiotob, scieron, tinba and other malicious domains) from johannesbader.ch, google safebrowsing, emergingthreats.net, virustotal and others (all domains and sources are listed in our domains.txt file.)

* Please help to keep this site free and donate whatever you can: All donations go to hosting and infrastructure costs
* twitter page: https://twitter.com/malwaredomains

* These malware block lists provided here are for free for noncommercial use as part of the fight against malware. Any use of this list commercially is strictly prohibited without prior approval.
* Please use the “datestamp” and “timestamp” file to determine if the list has been updated and ONLY pull the files you need – abusers will be banned! Use wget -N”!
* Yearly sponsorships are available. Full acknowledgment, an icon, and link back to your site will be placed in the left sidebar.
* Domains.txt file is the complete list along with original reference. Justdomains contains list of only the domain names. BOOT file is in MS DNS format. Malwaredomains.zones file is in BIND format.
* We also have a mirror dedicated to research and Open Source Projects – please contact us for details.

229 New Domains

Posted on January 23rd, 2015 in New Domains by dglosser

Added 229 new domains (iframes, forum spam, attack pages) from google safebrowsing, malc0de, and sucuri.

(all domains and sources are listed in our domains.txt file.)

* Please help to keep this site free and donate whatever you can: All donations go to hosting and infrastructure costs
* twitter page: https://twitter.com/malwaredomains

* These malware block lists provided here are for free for noncommercial use as part of the fight against malware. Any use of this list commercially is strictly prohibited without prior approval.
* Please use the “datestamp” and “timestamp” file to determine if the list has been updated and ONLY pull the files you need – abusers will be banned! Use wget -N”!
* Yearly sponsorships are available. Full acknowledgment, an icon, and link back to your site will be placed in the left sidebar.
* Domains.txt file is the complete list along with original reference. Justdomains contains list of only the domain names. BOOT file is in MS DNS format. Malwaredomains.zones file is in BIND format.
* We also have a mirror dedicated to research and Open Source Projects – please contact us for details.

List Recert: 9873 Domains Removed

Posted on January 19th, 2015 in New Domains by dglosser

9873 domains have been removed . The list of removed domains is here:
http://mirror3.malwaredomains.com/files/removed-domains-20100116.txt

Please update your blocklists and follow our terms of use

Recent Updates

Posted on January 17th, 2015 in New Domains by dglosser

1/14 – 253 domains added
1/16 – 110 domains added

(all domains and sources are listed in our domains.txt file.)

* Please help to keep this site free and donate whatever you can: All donations go to hosting and infrastructure costs
* twitter page: https://twitter.com/malwaredomains

* These malware block lists provided here are for free for noncommercial use as part of the fight against malware. Any use of this list commercially is strictly prohibited without prior approval.
* Please use the “datestamp” and “timestamp” file to determine if the list has been updated and ONLY pull the files you need – abusers will be banned! Use wget -N”!
* Yearly sponsorships are available. Full acknowledgment, an icon, and link back to your site will be placed in the left sidebar.
* Domains.txt file is the complete list along with original reference. Justdomains contains list of only the domain names. BOOT file is in MS DNS format. Malwaredomains.zones file is in BIND format.
* We also have a mirror dedicated to research and Open Source Projects – please contact us for details.

Recent Updates

Posted on January 12th, 2015 in New Domains by dglosser

1/4 – 199 Domains
1/7 – 136 Domains
1/9 – 323 Domains
1/10 – 212 Domains

* Please help to keep this site free and donate whatever you can: All donations go to hosting and infrastructure costs
* twitter page: https://twitter.com/malwaredomains
* These malware block lists provided here are for free for noncommercial use as part of the fight against malware. Any use of this list commercially is strictly prohibited without prior approval.
* Please use the “datestamp” and “timestamp” file to determine if the list has been updated and ONLY pull the files you need – abusers will be banned! Use wget -N”!
* Yearly sponsorships are available. Full acknowledgment, an icon, and link back to your site will be placed in the left sidebar.
* Domains.txt file is the complete list along with original reference. Justdomains contains list of only the domain names. BOOT file is in MS DNS format. Malwaredomains.zones file is in BIND format.
* We also have a mirror dedicated to research and Open Source Projects – please contact us for details.

1300 Domains RELISTED – added to “immortal” malware domain list

Posted on January 2nd, 2015 in immortal,New Domains by dglosser

Over 1300 previously delisted domains were found once again to be rated by malicious by google.  Many of these domains  “pop up” for a while to spread their “badness”, and then “lie low” under the radar , only to come alive again once delisted.

Accordingly, these domains have been relisted,  as well as “promoted” to the “immortals” or domains which have been consistently associated with malicious activity.

List of “immortal” malware domains is here: http://mirror3.malwaredomains.com/files/immortal_domains.txt.

A “psychohistory” of these long-lived malicious domains would be interesting and we’d be happy to help with any of those research efforts.