MalwareDomainsBlocklists - archived updates

MalwareDomains updated - 2011.09.06...

FYI...

346 New domains added
- http://www.malwaredomains.com/wordpress/?p=2027
September 6th, 2011 - "lots of fraud/scam domains, zeus c&c domains, and other malicious domains. Sources include zeustracker.abuse.ch, malwareurl.com and others..."

:fear:

MalwareDomains updated - 2011.09.12...

FYI...

Forgery, scam, phishing domains
- http://www.malwaredomains.com/wordpress/?p=2046
September 12th, 2011 - "Added almost 200 domains associated with scams, frauds, phishing, as well as the usual zeus and malicious domains. Sources include zeustracker.abuse.ch, spamhaus.org, vxvault.siri-urz.net..."

:fear:

MalwareDomains updated - 2011.09.23...

FYI...

Small but important update: 64 domains added...
- http://www.malwaredomains.com/wordpress/?p=2088
September 23rd, 2011 - "Added 64 buterat, sql injection and other malicious domains. Sources include amada.abuse.ch, siteadvisor.com, support.clean-mx.de..."

:fear:

MalwareDomains updated - 2011.09.30...

FYI...

Fraud, Scam, Spyeye, Zeus
- http://www.malwaredomains.com/wordpress/?p=2100
September 30th, 2011 - "Added -100- Fraud, Scam, Spyeye, Zeus and other malicious domains. Sources include xylibox.blogspot.com, vxvault.siri-urz.net, blog.dynamoo.com..."

:fear:

MalwareDomains updated - 2011.10.04...

FYI...

Slimeware, Fraud, Scam domains
- http://www.malwaredomains.com/wordpress/?p=2104
October 4th, 2011 - "Added over -100- slimeware, Scam, Spyeye, and other malicious domains. Sources include blog.dynamoo.com, safebrowsing.google.com..."

:fear:

MalwareDomains updated - 2011.10.07...

FYI...

blackhole exploit kit, fraudload, ransom, rogue domains
- http://www.malwaredomains.com/wordpress/?p=2111
October 7th, 2011 - "Added over 100 zeus, rogue, BH Exploit Kit, FraudLoad domains. Sources include amada.abuse.ch, malwaredomainlist.com and others..."

:fear::fear:

MalwareDomains updated - 2011.10.11...

FYI...

iframe, moneymule, rbn domains
- http://www.malwaredomains.com/wordpress/?p=2121
October 11th, 2011 - "Added over -120- domains associated with RBN, moneymule, blackhole exploit kit… Sources include wam.dasient.com, emergingthreats.net, spamhaus.org ..."

:fear::fear:

MalwareDomains updated - 2011.10.14...

FYI...

DNS Sinkhole 10/14 Update: 129 New Domains
- http://www.malwaredomains.com/wordpress/?p=2127
October 15th, 2011 - "Added 129 domains associated with RBN, moneymule, malspam and other malicious activity you don’t want on your personal computer or network. Sources: emergingthreats.net, blog.dynamoo.com, labs.m86security.com and others..."

:fear:

MalwareDomains updated - 2011.10.19...

FYI...

Over 190 malicious domains added
- http://www.malwaredomains.com/wordpress/?p=2135
October 19th, 2011 - "Added over 190 malicious domains associated with rbn, blackholeexploit, zeus, etc. Sources include blog.dynamoo.com, malwaredomainlist.com, emergingthreats.net..."

:fear:

MalwareDomains updated - 2011.10.21...

FYI...

spyeye, zeus, rbn, scam domains
- http://www.malwaredomains.com/wordpress/?p=2140
October 22nd, 2011 - "Added -206- domains associated with rbn, zeus, botnets, etc. Sources: blog.dynamoo.com, emergingthreats.net, zeustracker.abuse.ch and many others..."

:fear::fear:

MalwareDomains updated - 2011.10.25...

FYI...

SQLi, Fastflux Botnet, Dirt Jumper and more
- http://www.malwaredomains.com/wordpress/?p=2143
October 25th, 2011 - "Added -210- domains associated with SQLi, Dirt Jumper, RBN, fast flux botnets and other maliciousness. Sources include blog.dynamoo.com, ddanchev.blogspot.com, malwareurl.com and others..."

:fear::fear:

Urgent Block: stats1. in ...

FYI...

Urgent Block: stats1. in
- http://www.malwaredomains.com/wordpress/?p=2156
November 2nd, 2011 - "Please add stats1. in to your blocklists... See:
- http://google.com/safebrowsing/diagnostic?site=stats1.in
'... last time suspicious content was found on this site was on 2011-11-02...
Malicious software includes 103 scripting exploit(s), 59 exploit(s), 53 trojan(s)'.
We’ll block this domain tonight but you shouldn’t wait..."

:fear::fear:

MalwareDomains updated - 2011.11.02...

FYI...

Nov 2 Update: 167 Dangerous Domains
- http://www.malwaredomains.com/wordpress/?p=2159
November 3rd, 2011 - "167 malicious and Dangerous Domains associated with fake jobs, malvertising, poisonivy, nitro, trojans..."

:fear:

MalwareDomains updated - 2011.11.05...

FYI...

black hole exploitkit, zeroaccess & other harmful domains
- http://www.malwaredomains.com/wordpress/?p=2166
November 5th, 2011 - "Added -118- domains associated with the Black Hole Exploit Kit, Zero Access, and other risky and harmful domains. Sources:malwareurl.com, zeustracker.abuse.ch, vxvault.siri-urz.net and others..."

:fear:

MalwareDomains updated - 2011.11.09...

FYI...

Blackhole Exploit, LockEmAll, Zeus Domains
- http://www.malwaredomains.com/wordpress/?p=2170
November 9th, 2011 - "Added -119- new Zeus, trojan, “LockEmAll”, BH Exploit domains. Sources include malwareurl.com, safebrowsing.clients.google.com, malwaredomainlist.com and others…"

:fear::spider:

MalwareDomains updated - 2011.11.12...

FYI...

htaccess redirects, malicious iframes, malvertising domains
- http://www.malwaredomains.com/wordpress/?p=2175
November 12th, 2011 - "Added domains associated with malvertising, malicious javascripts, malicious iframes, htaccess redirects and more. Sources include vxvault.siri-urz.net, hphosts.nets…"

:fear:

MalwareDomains updated - 2011.11.14...

FYI...

Immortal malware domains...
- http://www.malwaredomains.com/wordpress/?p=2180
November 14th, 2011 - "... recertification of -237- long-lived, “immortal” malware domains... These are domains which continue to actively serve malware for months if not years. Some of these domains have been active here for more than two years. Of those 237 domains, 34, or less than 15% were removed. That means that over 85% of these long-lived domains are truly “bulletproof”, and have remained actively malicious for over two years... List of these “immortals” is here:
- http://mirror2.malwaredomains.com/files/immortal_domains.txt

MalwareDomains updated - 2011.11.15...

FYI...

Small but important update
- http://www.malwaredomains.com/wordpress/?p=2187
November 15th, 2011 - "A small but important update… Domains associated with cve-2011-2140*, fast-flux botnets, malicious iframes, etc. were added. Sources include blog.sucuri.net, malc0de.com, dasient.com and others..."

* http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-2140

:fear:

MalwareDomains updated - 2011.11.21...

FYI...

Malvertisers, Zeus, BH Exploit Domains…
- http://www.malwaredomains.com/wordpress/?p=2196
November 21st, 2011 - "Malicious domains associated with trojans, backdoors, BH Exploit Kit, RBN malvertisments were added. Sources include malwareurl.com, xylibox.blogspot.com, scrapbook.zscaler.com, malc0de.com..."
___

- http://www.malwareurl.com/
Total domains: 251677
Total IP addresses: 42006

- http://xylibox.blogspot.com
Midlet URL's...
Landing URL's...
Screenshots ...
"... According to VirusTotal, 15 AV detect these JAR files as Java/SMSSend... And only 10 AV detect these APK files as Android/FakeInst..."

- http://www.malwaredomainlist.com/mdl.php
Page 0 1 ... 38 !

- http://scrapbook.zscaler.com/
"... a lot of emails with attachments like: Facebook_Password_#8071.zip
where the number changes to avoid spam detection.
The email message looks like:
From: "Facebook"
Subject: Facebook Service# Your account has been blocked! Order/1721..."

- http://www.blog.malc0de.com/category/malware/
"... link domains that were serving the same executable. What I found out in a very short period of time is the binaries are updated so frequently that this becomes almost impossible... made a few adjustments to the database which should speed up the queries... here we can find a domain hosting the Neosploit exploit pack. The domain is hosted on 75 .125.212 .58. By searching malwaregroup.com* we can see domains hosted on the same IP that are named in a similar fashion and are most likely also hosting Neosploit or being staged..."
* http://www.malwaregroup.com/ipaddresses/details/75.125.212.58
... 21844 THEPLANET-AS21844:
> http://www.google.com/safebrowsing/diagnostic?site=AS:21844
"... over the past 90 days, 7863 site(s)... served content that resulted in malicious software being downloaded and installed without user consent. The last time Google tested a site on this network was on 2011-11-23, and the last time suspicious content was found was on 2011-11-23... we found 406 site(s) on this network... that appeared to function as intermediaries for the infection of 1619 other site(s)... this network has hosted sites that have distributed malicious software in the past 90 days. We found 834 site(s)... that infected 7709 other site(s)..."

:fear::fear:

MalwareDomains updated - 2011.11.24...

FYI...

Black Hole, Cridex, Drivebys, Trojan Domains
- http://www.malwaredomains.com/wordpress/?p=2199
November 24th, 2011 - "Add domains associated with Cridex, trojans, drive-bys. malicious javascript and more. Sources include securityhome.eu, spamhaus.org, malc0de.com..."

:fear: