Jump to content


Photo

Malware Domain Blocklist updated...


  • Please log in to reply
438 replies to this topic

#1 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 8,928 posts

Posted 10 March 2010 - 09:04 PM

FYI...

DNS-BH – Malware Domain Blocklist
- http://www.malwaredomains.com/
March 10, 2010 - "250+ Fraud, neosploit, Domains, zeus, exploit domains to block..."

- http://www.malwaredo...ress/?page_id=2
The DNS-BH project creates and maintains a listing of domains that are known to be used to propagate malware and spyware. This project creates the Bind and Windows zone files required to serve fake replies to localhost for any requests to these, thus preventing many spyware installs and reporting.

This list is also available in AdBlock and ISA Format..."

To install the AdblockPlus extension in Firefox, click here:
- https://addons.mozil...efox/addon/1865

-

Blocking malicious sites with Adblock Plus
- http://adblockplus.o...th-adblock-plus
"... another layer of protection..."
Scroll down to: "... click here to subscribe to the list in Adblock Plus..." and click on the link - click OK to the popup for "Add subscription" - done.
___

- http://news.cnet.com...466753-245.html
"WhitePages.com has stopped ad networks from delivering ads to its site after they were found to contain fake antivirus malware..."

:ph34r:

Edited by apluswebmaster, 15 March 2010 - 08:37 PM.

This machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.


#2 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 8,928 posts

Posted 15 March 2010 - 12:11 PM

FYI...

- http://www.malwaredo...ordpress/?p=880
March 13, 2010 - "151 new domains from www.malwareurl.com, malc0de.com, ddanchev.blogspot.com, safeweb.norton.com and others"

:ph34r:

This machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.


#3 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 8,928 posts

Posted 17 March 2010 - 02:35 PM

FYI...

- http://www.malwaredo...ordpress/?p=886
March 17, 2010 - "217 new domains associated with rogue antivirus, fastflux, trojan, iframes, botnets, etc. Souces include secuboxlabs.fr, malwaredomainlist.com, ddanchev.blogspot.com..."

:ph34r:

This machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.


#4 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 8,928 posts

Posted 22 March 2010 - 04:45 AM

FYI...

- http://www.malwaredo...ordpress/?p=889
March 20, 2010 - "201 new domains to block. Sources include ddanchev.blogspot.com, blogs.paretologic.com, support.clean-mx.de..."

:ph34r:

This machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.


#5 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 8,928 posts

Posted 24 March 2010 - 03:56 PM

FYI...

- http://www.malwaredo...ordpress/?p=892
March 24, 2010 - "160 new domains flagged as drive-by downloads, scareware, zeus, and harmful by malc0de.com, jsunpack.jeek.org, malwareint.blogspot.com and others..."

:ph34r:

This machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.


#6 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 8,928 posts

Posted 27 March 2010 - 06:38 PM

FYI...

- http://www.malwaredo...ordpress/?p=896
March 27, 2010 - "173 new domains to add to your shunlist and blocklist… Sources: www.malwareurl.com, malc0de.com, phil-secu.over-blog.net and others.."

:ph34r:

This machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.


#7 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 8,928 posts

Posted 31 March 2010 - 05:22 AM

FYI...

Blackhole DNS Update196 new domains
- http://www.malwaredo...ordpress/?p=901
March 30, 2010 - "Sources include securehomenetwork.blogspot.com, zeustracker.abuse.ch, ddanchev.blogspot.com..."

:ph34r:

This machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.


#8 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 8,928 posts

Posted 06 April 2010 - 05:54 AM

FYI...

- http://www.malwaredo...ordpress/?p=909
April 5, 2010 - "... 300 new domains have been added. Sources: support.clean-mx.de, www.freepcsecurity.co.uk, www.malwareurl.com, and others..."

:ph34r:

This machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.


#9 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 8,928 posts

Posted 09 April 2010 - 05:22 AM

FYI...

- http://www.malwaredo...ordpress/?p=911
April 8, 2010 - "Added 210 koobface domains and 53 other domains associated with malicious activity. Sources: www.malwareurl.com, www.malwaredomainlist.com, secuboxlabs.fr, and others..."

:ph34r:

This machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.


#10 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 8,928 posts

Posted 12 April 2010 - 07:37 AM

FYI...

- http://www.malwaredo...ordpress/?p=919
April 11, 2010 - "230 domains to add to your malware blocklist or malware domain sinkhole..."

:ph34r:

This machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.


#11 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 8,928 posts

Posted 15 April 2010 - 04:26 AM

FYI...

- http://www.malwaredo...ordpress/?p=924
April 14, 2010 - "261 domains to block or redirect to your sinkhole. Sources include malc0de.com, support.clean-mx.de, and secuboxlabs.fr..."

:ph34r:

This machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.


#12 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 8,928 posts

Posted 17 April 2010 - 07:28 AM

FYI...

Big Update: gumblar domains, rbn domains, trojan domains and more
- http://www.malwaredo...ordpress/?p=933
April 16, 2010 - "Over 300 domains associated with the RBN, gumblar, trojans, as well as domains associated with fraud. Sources include defintel.blogspot.com, emergingthreats.net, krebsonsecurity.com..."

:ph34r:

This machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.


#13 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 8,928 posts

Posted 19 April 2010 - 12:12 PM

FYI...

MalwareDomains updated - 2010.04.19...
- http://www.malwaredo...ordpress/?p=938
April 19, 2010 - "... quick update, mainly of the domains mentioned earlier...
xfgkddya .cn, yesoc .in, yetanotherguitarsite .com, bitapardaz .net, crystaldesignlab .com, excellentblener .ru, binglbalts .com, corpadsinc .com, fourkingssports .com, mauiexperts .com, mauisportsinsider .com, 4238789324 .com"

Urgent additions
- http://www.malwaredo...ordpress/?p=935
April 18, 2010 - "... the following domains are blocked or blacklisted:
binglbalts . com, corpadsinc .com, fourkingssports .com, networkads .net, mainnetsoll .com
sources: http://ddanchev.blog...compromise.html , http://isc.sans.org/...ml?storyid=8647 ."

:ph34r:

This machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.


#14 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 8,928 posts

Posted 21 April 2010 - 04:40 PM

FYI...

Blackhole DNS Update
- http://www.malwaredo...ordpress/?p=940
April 20, 2010 - "Sources: wepawet.cs.ucsb.edu, malc0de.com, jsunpack.jeek.org, ddanchev.blogspot.com and others..."

:ph34r:

This machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.


#15 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 8,928 posts

Posted 24 April 2010 - 04:48 AM

FYI...

Many fastflux and rogue domains
- http://www.malwaredo...ordpress/?p=946
April 24, 2010 - "Sources include www.malwareurl.com, www.siteadvisor.com, www.malwaredomainlist.com..."

:ph34r:

This machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.


#16 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 8,928 posts

Posted 30 April 2010 - 04:14 AM

FYI...

- http://www.malwaredo...ordpress/?p=948
April 29, 2010 - "rogues, backdoors, exploit domains, and other badness. Sources include www.malwaredomainlist.com, atlas.arbor.net, threatexpert.com..."

:ph34r:

This machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.


#17 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 8,928 posts

Posted 01 May 2010 - 08:59 AM

FYI...

Fake McAfee DAT 5959: Google SEO hijacking
- http://www.malwaredo...ordpress/?p=950
April 30, 2010 - "please block
* malware-checker-free. com
* tolstiy.co. cc
* endroiturlredirect. com
These sites are involved in google SEO hijacking and host exploits. Sites will be added on the next update.
Source: http://phil-secu.over-blog.net

:grrr: :ph34r:

This machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.


#18 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 8,928 posts

Posted 04 May 2010 - 06:40 AM

FYI...

DNS-BH Update...
... rogue antivirus, zeus...
- http://www.malwaredo...ordpress/?p=952
May 3, 2010 - "Sources: secuboxlabs.fr, safeweb.norton.com. www.malwaredomainlist.com, and others..."

:ph34r:

This machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.


#19 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 8,928 posts

Posted 05 May 2010 - 02:08 PM

FYI...

Important additions...
- http://www.malwaredo...ordpress/?p=955
May 5, 2010 - "...Please block the following ASAP:
thejustb. com
grepad. com
ginopost. com

Sources:
- http://blog.scansafe...iche-sites.html

- http://isc.sans.org/...ml?storyid=8740

- http://ddanchev.blog...-linked-to.html ..."
___

- http://google.com/sa...e=thejustb.com/
"... suspicious content was found on this site... on 2010-05-04. Malicious software includes 1 exploit(s)..." - Country: UA
- http://google.com/sa...e=ginopost.com/
"... suspicious content was found on this site... on 2010-04-26. Malicious software includes 6 exploit(s), 5 trojan(s)..." - Country: UA
- http://google.com/sa...ite=grepad.com/
"... suspicious content was found on this site.... on 2010-04-28. Malicious software includes 15 exploit(s), 9 trojan(s)..." - Country: UA

:ph34r: :ph34r:

Edited by apluswebmaster, 05 May 2010 - 03:31 PM.

This machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.


#20 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 8,928 posts

Posted 06 May 2010 - 08:43 AM

FYI...

exploit, fastflux, malspam, rogue domains
- http://www.malwaredo...ordpress/?p=959
May 6, 2010 - "159 domains containing malspam, rogue antivirus, trojans, or associated with fraud. Sources include www.malwareurl.com, atlas.arbor.net, hphosts.blogspot.com, ddanchev.blogspot.com..."

:ph34r: :ph34r:

This machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.


#21 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 8,928 posts

Posted 18 May 2010 - 04:47 AM

FYI...

exploit, zeus, trojan domains
- http://www.malwaredo...ordpress/?p=970
May 17, 2010 - "Sources include: www.malwaredomainlist.com, secuboxlabs.fr, blog.sucuri.net..."

:ph34r:

This machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.


#22 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 8,928 posts

Posted 20 May 2010 - 05:51 AM

FYI...

Huge Update: 270 domains
- http://www.malwaredo...ordpress/?p=974
May 19, 2010 - "rogue domains, fastflux domains, exploit domains, and other malicious domains. Sources include www.malwaredomainlist.com, www.malwareurl.com, secuboxlabs.fr, and jsunpack.jeek.org..."

:ph34r:

This machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.


#23 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 8,928 posts

Posted 23 May 2010 - 04:15 PM

FYI...

Update: koobface,fastflux,zbot,zeus domains
- http://www.malwaredo...ordpress/?p=976
May 23, 2010 - "Over 250 new domains associated with zbot, zeus,torpig,neosploit, koobface and other maliciousness. Sources include ddanchev.blogspot.com, atlas.arbor.net/summary/fastflux, www.malc0de.com, zeustracker.abuse.ch..."

- http://atlas.arbor.n...ummary/fastflux
"... Currently monitoring 226 active fastflux domains..."

- http://www.malwaredo...ordpress/?p=979
May 24, 2010 - "trendsecure.com is incorrectly listed and has been removed. Please remove from your blocklists ASAP."

:ph34r:

Edited by apluswebmaster, 24 May 2010 - 10:04 PM.

This machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.


#24 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 8,928 posts

Posted 26 May 2010 - 02:14 PM

FYI...

Blackhole DNS Update: 138 new domains
- http://www.malwaredo...ordpress/?p=986
May 26, 2010 - "sources: secuboxlabs.fr, www.siteadvisor.com..."

:ph34r:

This machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.


#25 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 8,928 posts

Posted 28 May 2010 - 04:38 AM

FYI...

Urgent addition: v-medical-dot-org/89.187.53.203
- http://www.malwaredo...ordpress/?p=990
Posted on May 27th, 2010 in 0day, New Domains by dglosser

Please add v-medical. org (89.187.53.203) to your blocklists.
Source: http://isc.sans.org/...ml?storyid=8860
Last Updated: 2010-05-27 18:18:30 UTC

:ph34r:

This machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.


#26 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 8,928 posts

Posted 30 May 2010 - 05:38 AM

FYI...

- http://www.malwaredo...ordpress/?p=993
May 29, 2010 - "Over 250 new malicious domains associated with zeus, fake security, neosploit, and other trojans and malware. Sources include malwaredomainlist.com, google.com/safebrowsing, blog.dynamoo.com..."

:ph34r:

This machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.


#27 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 8,928 posts

Posted 01 June 2010 - 05:38 PM

FYI...

List cleanup: 950 domains removed
- http://www.malwaredo...rdpress/?p=1000
June 1, 2010 - "950 older domains have been removed. They are located in the file “removed-domains-20100601.txt” . Please let us know ASAP if any should be placed back on active state."

:!:

Edited by apluswebmaster, 01 June 2010 - 05:40 PM.

This machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.


#28 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 8,928 posts

Posted 02 June 2010 - 09:04 PM

FYI...

Urgent Block: credittreport-dot-info Clickjacking Attacks
- http://www.malwaredo...rdpress/?p=1003
June 2, 2010 - "There has been an outbreak of clickjacking attacks on Facebook’s “Like” plugin. The target domain associated with the hidden iframe is credittreport. info. Please block that domain ASAP. Source:
- http://isc.sans.org/...ml?storyid=8893
Last Updated: 2010-06-02 19:08:01 UTC

:ph34r: :ph34r:

Edited by apluswebmaster, 02 June 2010 - 10:00 PM.

This machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.


#29 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 8,928 posts

Posted 04 June 2010 - 02:17 PM

FYI...

140 Domains added...
- http://www.malwaredo...rdpress/?p=1007
June 4, 2010 - "140 new domains to shun, redirect, or just block. Sources: dnsbl.abuse.ch, www.malwaregroup.com, malc0de.com, and others..."

:ph34r:

This machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.


#30 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 8,928 posts

Posted 06 June 2010 - 04:42 PM

FYI...

279 malicious domains added
- http://www.malwaredo...rdpress/?p=1010
June 6, 2010 - "279 new domains. Many associated with a malicious “8080 campaign” sent to us from malc0de.com..."

:ph34r:

This machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.


#31 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 8,928 posts

Posted 07 June 2010 - 03:51 PM

FYI...

Urgent Block: google-analytics(dot)dynalias.org
- http://www.malwaredo...rdpress/?p=1013
June 7th, 2010 - Please block google-analytics. dynalias. org.

Sources:
- http://www.symantec....3020-99&tabid=2
Updated: June 7, 2010 1:56:30 AM

- http://phil-secu.over-blog.net/

:ph34r: :ph34r:

This machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.


#32 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 8,928 posts

Posted 09 June 2010 - 05:31 AM

FYI...

Scareware, trojan, exploit domains
- http://www.malwaredo...rdpress/?p=1015
June 8, 2010 - "A bunch of new domains associated with scareware, exploits, trojans, etc. Sources: paretologic.com, www3.malekal.com, www.kvarcasvany .hu, ddanchev.blogspot.com and others..."

:ph34r:

This machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.


#33 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 8,928 posts

Posted 09 June 2010 - 04:24 PM

FYI...

Urgent Block: ww-dot-robint-dot-us
- http://www.malwaredo...rdpress/?p=1017
June 9, 2010 - "ww(dot)robint(dot)us has been injected into over 111,000 IIS/ASP sites. Please add this to your blocklist ASAP (or refresh your zone file, as last night’s update included that domain) Sources:
- http://blog.sucuri.n...-robint-us.html
- http://nsmjunkie.blo...-infection.html
- http://isc.sans.edu/...ml?storyid=8935 "

- http://www.spywarein...ndpost&p=724792

:ph34r: :grrr: :ph34r:

Edited by apluswebmaster, 09 June 2010 - 06:38 PM.

This machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.


#34 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 8,928 posts

Posted 12 June 2010 - 11:30 AM

FYI...

many scareware, exploit, and rogue domains added
- http://www.malwaredo...rdpress/?p=1025
June 12, 2010 - "Sources: ddanchev.blogspot.com, jsunpack.jeek.org, and others..."

:ph34r:

This machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.


#35 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 8,928 posts

Posted 15 June 2010 - 06:20 AM

FYI...

zeus, 8080, rogue domains... added
- http://www.malwaredo...rdpress/?p=1034
June 14, 2010 - "Sources include: malwaredomainlist.com, malc0de.com, support.clean-mx.de, zeustracker.abuse.ch..."

:ph34r:

This machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.


#36 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 8,928 posts

Posted 16 June 2010 - 05:28 AM

FYI...

fastflux, zeus, trojan domains added
- http://www.malwaredo...rdpress/?p=1044
June 15, 2010 - "sources include secuboxlabs.fr, atlas.arbor.net, malwaredomainlist.com, zeustracker.abuse.ch..."

- http://www.abuse.ch/?p=2568
May 17, 2010 - "... Arbor Networks... has added a fingerprint in their Peakflow product family to help Internet Service Providers (ISPs) and companies around the world to mitigate, protect and monitor malicious ZeuS C&C Botnet traffic within their Networks. The fingerprint provided by Arbor is being generated in cooperation with the ZeuS Tracker... If you are a network administrator and your company is runing Arbor Peakflow you just can activate the fingerprint using Arbor’s Active Threat Feed policies (ATF)."

:ph34r:

Edited by apluswebmaster, 21 June 2010 - 05:05 PM.

This machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.


#37 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 8,928 posts

Posted 18 June 2010 - 08:24 PM

FYI...

dns-bh update: 145 new domains
- http://www.malwaredo...rdpress/?p=1054
June 18, 2010 - "Sources include: secuboxlabs.fr, www.malwaredomainlist.com, support.clean-mx.de, ddanchev.blogspot.com..."

:ph34r:

This machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.


#38 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 8,928 posts

Posted 20 June 2010 - 08:55 PM

FYI...

fake video, exploit, rogue security domains
- http://www.malwaredo...rdpress/?p=1058
June 20, 2010 - "Sources include: paretologic.com, malwaredomainlist.com, malc0de.com..."

:ph34r:

This machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.


#39 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 8,928 posts

Posted 22 June 2010 - 07:06 PM

FYI...

Urgent block: volgo-marun .cn & sicha-linna8 .com
- http://www.malwaredo...rdpress/?p=1065
June 22, 2010 - "From cyberinsecure.com:
The support site of leading Chinese PC manufacturer Lenovo has been compromised by unknown attackers who injected a rogue IFrame into the pages over the weekend. Security researchers warn that unwary visitors looking for drivers are exposed to several exploits that install the Bredolab trojan onto their computers.
The IFrame points to an exploit kit hosted on a domain called volgo-marun. cn. After performing several checks to determine what vulnerable software they had installed on their computer, the visitors were served with exploits targeting older versions of Internet Explorer, Adobe Reader or Adobe Flash player... and receives commands from C&C server with domain sicha-linna8 .com "

:ph34r: :ph34r:

This machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.


#40 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 8,928 posts

Posted 23 June 2010 - 04:29 AM

FYI...

128 new zeus, rogue, exploit domains
- http://www.malwaredo...rdpress/?p=1067
June 22, 2010 - "128 new domains associated with exploits, zeus, rogue and other maliciousness..."

:ph34r:

This machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.


#41 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 8,928 posts

Posted 25 June 2010 - 04:44 AM

FYI...

Artro, asprox, zeus, rogue domains…
- http://www.malwaredo...rdpress/?p=1081
June 24, 2010 - "Sources include: x.maldb.com, abuse.ch, m86security.com, secuboxlabs.fr..."

:ph34r:

This machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.


#42 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 8,928 posts

Posted 02 July 2010 - 12:08 PM

FYI...

20 new domains
- http://www.malwaredo...rdpress/?p=1088
July 2, 2010 - "Quick update… 20 New domains..."


:ph34r:

This machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.


#43 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 8,928 posts

Posted 05 July 2010 - 04:47 PM

FYI...

List Cleanup: 646 Domains Removed
- http://www.malwaredo...rdpress/?p=1092
July 5, 2010 - "646 domains have been removed. Please let us know if any need to be readded. There were 31 domains added in July 2009 and, a year later, are still actively serving up malware (according to google safebrowsing)..."

:!:

This machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.


#44 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 8,928 posts

Posted 07 July 2010 - 04:42 AM

FYI

138 new domains
- http://www.malwaredo...rdpress/?p=1094
July 6, 2010 - "138 new domains, including some gumblar and “malvertising” domains. Sources include: mdl.paretologic.com, malc0de.com/database/, blog.unmaskparasites.com, stopmalvertising.com..."

:!:

This machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.


#45 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 8,928 posts

Posted 08 July 2010 - 10:07 AM

FYI...

Update: 246 harmful domains
- http://www.malwaredo...rdpress/?p=1097
July 8, 2010 - "sources: securehomenetwork.blogspot.com, blog.unmaskparasites.com, freepcsecurity.co.uk, blog.dynamoo.com and others..."

:ph34r:

This machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.


#46 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 8,928 posts

Posted 10 July 2010 - 12:58 PM

FYI...

Update: 74 harmful domains added
- http://www.malwaredo...rdpress/?p=1101
July 10, 2010 - "Sources include malc0de.com, safeweb.norton.com,abuse.ch..."

:ph34r:

This machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.


#47 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 8,928 posts

Posted 12 July 2010 - 08:42 PM

FYI...

Lots of zeus, exploit, neosploit domains
- http://www.malwaredo...rdpress/?p=1105
July 12, 2010 - "155 new domains. Sources include www.malwaredomainlist.com, zeustracker.abuse.ch, www.freepcsecurity.co.uk..."

:ph34r:

This machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.


#48 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 8,928 posts

Posted 15 July 2010 - 07:49 AM

FYI...

gumblar, koobface, and other nasty domains
- http://www.malwaredo...rdpress/?p=1110
July 14, 2010 - "Sources include support.clean-mx.de, safeweb.norton.com,blog.unmaskparasites.com, ddanchev.blogspot.com..."

:ph34r:

This machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.


#49 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 8,928 posts

Posted 16 July 2010 - 06:52 AM

FYI...

koobface, exploit domains
- http://www.malwaredo...rdpress/?p=1115
July 15, 2010 - "sources include isc.sans.org, ddanchev.blogspot.com,x.maldb.com, blog.unmaskparasites.com..."

:ph34r:

This machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.


#50 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 8,928 posts

Posted 19 July 2010 - 10:00 AM

FYI...

gumblar, rogue, scareware domains
- http://www.malwaredo...rdpress/?p=1120
July 19, 2010 - "Sources: honeywhales.com, www.threatexpert.com, blog.unmaskparasites.com and others..."

:!:

This machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.





1 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users

Member of ASAP and UNITE
Support SpywareInfo Forum - click the button