List Update

Posted on April 25th, 2016 in dridex,New Domains,Phishing,ransomware,Removed Domains by Adam Shinn

The Malware Domains List has been posted for today. Last week we added 1,604 new domains to the list and removed 171.
Most were phishing domains, but Dridex and Ransomware were top contenders.

Thank you for using Malware Domains.

What You Can Do To Protect Against Ransomware

Posted on April 14th, 2016 in ransomware by Adam Shinn

The increased use of ransomware over the last year has been shocking. Ransomware has infected businesses, hospitals, governments, and the general public at an unprecedented rate. A recent offline backup of your data is one of the few ways to avoid paying a ransom once infected. There are decryption tools available for some variants of ransomware, but these are not always guaranteed to work. Treat ransomware the same way you would disk failure. Make sure you have backups!

We are always on the hunt for malicious domains. If you find evidence of malware being hosted on a domain, please submit it to us here: mal4wa3redoma3ins@gma2il.com (remove all numbers).

Thank you for using Malware Domains.

Updated List

Posted on March 4th, 2016 in New Domains,Removed Domains by Adam Shinn

We have been hard at work updating all of the domains currently on our list. We have removed many domains that are no longer malicious. As of today, every domain on our list has been verified as malicious since 2016. We are working towards keeping this list much more current, and this was a huge step towards that.

Thank you for your support and for using Malware Domains.

Incorrectly Blocked Domain

Posted on January 15th, 2016 in Removed Domains by Adam Shinn

We accidentally blocked the site ‘s.ytimg.com’ as part of an AnglerEK indicator. This was in error as this site is used by youtube.com to display content properly.
As of 15:10 UTC 2016/01/15, this domain has been removed from our blacklist. Sorry for any inconvenience and thank you for using Malware Domains.

HTTPS support

Posted on December 30th, 2015 in mirror by Adam Shinn

We are pleased to announce that we now offer HTTPS support for the www.malwaredomains.com site and for one of our mirrors as well. For those of you requesting this feature, and those who would like to download our list via HTTPS, you can do so here: https://mirror.cedia.org.ec/malwaredomains/
This mirror will also be added to the mirrors page of our blog.

Big thanks to Ernesto Pérez and Paul Bernal of CEDIA for hosting the new mirror.

New Domains and TeslaCrypt

Posted on December 18th, 2015 in New Domains,Removed Domains,TeslaCrypt by Adam Shinn

We’ve added 1560 domains to our blacklist since 12/5. We also removed 745 domains due to a source shutting down their service. We have verified many of these domains to be clean, yet some of them have still come up malicious. In other news, TeslaCrypt has been on the rise recently and we have been able to add multiple domains either hosting or pointing to TelsaCrypt. Keeping fighting the good fight.

List Updated

Posted on December 4th, 2015 in New Domains,Removed Domains by Adam Shinn

We’ve added 561 domains and removed 19 domains from our list since 11/26. A lot of the domains that we added led to fake virus pages and a few of them downloaded variants of Dridex.

New Domains and a Suspicious Site?

Posted on November 25th, 2015 in New Domains by Adam Shinn

We’ve added 751 domains since 11/19.

We also got a tip about a site to look into. The URL was https://www.google.com/starwars/
Our response? “These aren’t the domains we’re looking for!”

New Domains and a School of Phishing Pages

Posted on November 18th, 2015 in New Domains,Removed Domains by Adam Shinn

We’ve added 851 domains since 11/10. We’ve also removed 51 domains from our blacklist. We found a compromised site with an index full of phishing pages along with the resources to create other phishing pages as well. Blocking this site not only stops the active phishing pages, but it also give us insight into how these pages are crafted.

Stay safe out there and thank you for using Malware Domains.

New Domains Added

Posted on November 10th, 2015 in New Domains,Removed Domains by Adam Shinn

We’ve added 558 domains to our blacklist since 11/07. We’ve also delisted 109 domains as they have been cleaned of malicious activity.
Thank you for using Malware Domains.