Jump to content


Photo

Malware Domain Blocklist updated...


  • Please log in to reply
423 replies to this topic

#101 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 8,703 posts

Posted 04 December 2010 - 02:43 AM

FYI...

144 domains added
- http://www.malwaredo...rdpress/?p=1453
December 3rd, 2010 - "artro c&c domains, spyeye domains, some rogue domains, and lots of google safebrowsing domains. Sources include safebrowsing.clients.google.com, spyeyetracker.abuse.ch, amada.abuse.ch and others..."

:ph34r:
This machine has no brain.
......... Use your own.
Browser check for updates here.
.

#102 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 8,703 posts

Posted 06 December 2010 - 11:51 AM

FYI...

zeus, neosploit, rogue domains added
- http://www.malwaredo...rdpress/?p=1456
December 5th, 2010 - "139 domains: rogue domains, zeus domains, neosploit domains, malicious iframes… Sources include safebrowsing.clients.google.com, sitevet.com..."

- http://www.symantec.....jsp?asid=23749

:ph34r:

Edited by AplusWebMaster, 06 December 2010 - 12:30 PM.

This machine has no brain.
......... Use your own.
Browser check for updates here.
.

#103 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 8,703 posts

Posted 09 December 2010 - 11:48 PM

FYI...

195 new domains to block
- http://www.malwaredo...rdpress/?p=1467
December 8th, 2010 - "spyeye, artro, zeus, darkness ddos bot domains, and more… Sources include blog.dynamoo.com, amada.abuse.ch, blog.sucuri.net..."

:ph34r:
This machine has no brain.
......... Use your own.
Browser check for updates here.
.

#104 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 8,703 posts

Posted 14 December 2010 - 08:51 AM

FYI...

Malicious javascript, torpig, spyeye domains
- http://www.malwaredo...rdpress/?p=1486
December 14th, 2010 - "domains containing malicious javascript. Domains associated with spyeye, artro or mebroot. A short but important list. Sources include spyeyetracker.abuse.ch, blog.dynamoo.com, www.cs.ucsb.edu/~marc. .."

long lived malware domains ...
- http://www.malwaredo...rdpress/?p=1491
December 14th, 2010 - "... Of these 1185 domains, 569, or 48% were deemed as still “worthy” of being kept on the DNS-BH blocklist. That’s 569 harmful domains which were active for over four months. Another analysis occurred in Dec 2010. Of the 569 remaining domains, 150 or 26% were delisted — which means that 74% continued to be associated with badness. There are over 380 domains which have been listed for over a year. Data is here: http://www.malwaredo...ns_analysis.txt
One observation – there are no rogue security domains on this list."

:ph34r:

Edited by AplusWebMaster, 15 December 2010 - 07:12 AM.

This machine has no brain.
......... Use your own.
Browser check for updates here.
.

#105 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 8,703 posts

Posted 18 December 2010 - 12:59 PM

FYI...

mebroot/torpig, fastflux, botnet sites to block
- http://www.malwaredo...rdpress/?p=1498
December 17th, 2010 - "130 malicious sites and domains (torpig, mebroot, fastflux, botnet, etc). Sources include secuboxlabs.fr, zeustracker.abuse.ch, wam.dasient.com..."

:ph34r:
This machine has no brain.
......... Use your own.
Browser check for updates here.
.

#106 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 8,703 posts

Posted 21 December 2010 - 03:44 PM

FYI...

172 domains to block
- http://www.malwaredo...rdpress/?p=1506
December 21st, 2010 - "malvertising, exploit, phishing, and other malicious sites to block or shun. Sources include blog.armorize.com, security.thejoshmeister.com, vxvault.siri-urz.net/URL_List.php, safebrowsing.google.com..."

:ph34r:
This machine has no brain.
......... Use your own.
Browser check for updates here.
.

#107 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 8,703 posts

Posted 27 December 2010 - 04:09 AM

FYI...

zeus, Sinowal, moneymule domains
- http://www.malwaredo...rdpress/?p=1516
December 25th, 2010 - "Domains associated with Zeus, moneymules, Sinowal, exploits and more… Sources include www.malwaredomainlist.com, securehomenetworks.blogspot.com, vxvault.siri-urz.net..."

:ph34r:
This machine has no brain.
......... Use your own.
Browser check for updates here.
.

#108 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 8,703 posts

Posted 30 December 2010 - 08:28 AM

FYI...

1481 long-lived malware domains
- http://www.malwaredo...rdpress/?p=1524
December 29th, 2010 - "1481 long-lived malware domains active for at least 90 days, 850 active for at least 6 months, 500 active for over a year. Full list, sorted by number of days on our blocklist, is located here*."
* http://mirror1.malwa...are-domains.txt

:ph34r:
This machine has no brain.
......... Use your own.
Browser check for updates here.
.

#109 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 8,703 posts

Posted 31 December 2010 - 06:31 PM

FYI...

Update: 175 Malicious Sites
- http://www.malwaredo...rdpress/?p=1526
December 30th, 2010 - "175 malicious sites — PDF Exploits, mebroot, Sinowal, Zeus, ransomware… Sources include malwareurl.com, support.clean-mx.de, securehomenetworks.blogspot.com..."

:ph34r:
This machine has no brain.
......... Use your own.
Browser check for updates here.
.

#110 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 8,703 posts

Posted 03 January 2011 - 05:01 AM

FYI...

178 New Malicious Sites
- http://www.malwaredo...rdpress/?p=1531
January 2nd, 2011 - "Malicious Sites containing PDF Exploits, Storm 3.0 and other malware… Sources include safebrowsing.clients.google.com, www.shadowserver.org, malekal.com..."

:!:
This machine has no brain.
......... Use your own.
Browser check for updates here.
.

#111 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 8,703 posts

Posted 06 January 2011 - 06:11 PM

FYI...

Urgent Block: NoS.fileave[dot]com and dota2trailer[dot]tk
- http://www.malwaredo...rdpress/?p=1537
January 6th, 2011 - "From the Internet Storm Center*: "dota2trailer .tk claims to have a video trailer for the new Dota 2 game but instead iinstalls a keylogger to steal credentials from gamers… Looking at the code on the site it does try to use java to download “hxxp://NoS. fileave. com/CamPlug.exe” These sites will be blocked on tonight’s update but you shouldn’t wait…"

Fake Game Demo website
* http://isc.sans.edu/...l?storyid=10228
Last Updated: 2011-01-06 21:10:19 UTC - "... VirusTotal's url check* didn't show -any- known maliciousness associated with that url..."
* http://www.virustota...5012-1294334566
Submission date: 2011-01-06 18:22:46 (UTC)
Antivirus report: View downloaded file analysis
Webscan result: 0/6 (0.0%)
[ Firefox Clean site, G-Data Clean site, Google Safebrowsing Clean site, Opera Clean site, ParetoLogic Clean site, Phishtank Clean site ]
- http://www.virustota...54bf-1294358709
File name: CamPlug.exe
Submission date: 2011-01-07 00:05:09 (UTC)
Result: 2/43 (4.7%)

1) http://www.mywot.com...nos.fileave.com
Spam - 1
2) http://www.mywot.com...dota2trailer.tk
Spam - 1 / Browser exploit - 2

:grrr: :ph34r:

Edited by AplusWebMaster, 06 January 2011 - 09:07 PM.

This machine has no brain.
......... Use your own.
Browser check for updates here.
.

#112 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 8,703 posts

Posted 08 January 2011 - 04:59 AM

FYI...

rogue, geinimi, torpig, android malware sites
- http://www.malwaredo...rdpress/?p=1544
January 6th, 2011 - "Domains associated with piracy, android malware, rogue security, artro, and other stuff you don’t want you or your user’s browser visiting or contacting. Source include securehomenetworks.blogspot.com, vxvault.siri-urz.net/URL_List.php, secuboxlabs.fr..."

:ph34r:
This machine has no brain.
......... Use your own.
Browser check for updates here.
.

#113 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 8,703 posts

Posted 11 January 2011 - 11:56 PM

FYI...

194 New Domains
- http://www.malwaredo...rdpress/?p=1549
January 10th, 2011 - "194 malicious domains to block. Sources include security.thejoshmeister.com, securehomenetworks.blogspot.com, blogs.paretologic.com..."

:ph34r:
This machine has no brain.
......... Use your own.
Browser check for updates here.
.

#114 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 8,703 posts

Posted 15 January 2011 - 05:34 PM

FYI...

196 New Domains to Block
- http://www.malwaredo...rdpress/?p=1564
January 14th, 2011 - "196 new domains to add to your blocklist. Rogue security domains, zeus, backdoor, exploit domains listed at blog.urlvoid.com, securehomenetworks.blogspot.com, vxvault.siri-urz.net and others..."

:!:
This machine has no brain.
......... Use your own.
Browser check for updates here.
.

#115 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 8,703 posts

Posted 19 January 2011 - 07:01 PM

FYI...

200 New Domains
- http://www.malwaredo...rdpress/?p=1568
January 18th, 2011 - "200 new domains to add to your malware blocklist. Artro domains, exploit domains, fastflux domains, listed at securehomenetworks.blogspot.com, sucuri.net, and others..."

:ph34r:
This machine has no brain.
......... Use your own.
Browser check for updates here.
.

#116 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 8,703 posts

Posted 21 January 2011 - 04:17 PM

FYI...

artro, fastflux, phishing, torping domains...
- http://www.malwaredo...rdpress/?p=1577
January 20th, 2011 - "165 new domains associated with torpig, rogue antivirus, phishing, fastflux, and other badness. Sources include atlas.arbor.net, abuse.ch, vxvault.siri-urz.net..."

:ph34r:
This machine has no brain.
......... Use your own.
Browser check for updates here.
.

#117 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 8,703 posts

Posted 24 January 2011 - 01:05 PM

FYI...

gumblar, artro, zeus domains
- http://www.malwaredo...rdpress/?p=1581
January 23rd, 2011 - "Domains associated with gumblar, zeus, drive-by’s, rogues, etc... Sources include viralerts.com, safebrowsing.google.com, blog.unmaskparasites.com ..."

:ph34r:
This machine has no brain.
......... Use your own.
Browser check for updates here.
.

#118 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 8,703 posts

Posted 27 January 2011 - 06:09 AM

FYI...

iframe, gumblar, rogue and other malicious domains
- http://www.malwaredo...rdpress/?p=1586
January 26th, 2011 - "Malicious domains associated with zeus, rogue security, gumblar and other nastiness. Sources include securehomenetworks.blogspot.com, blog.unmaskparasites.com, www.shadowserver.org..."

:ph34r:
This machine has no brain.
......... Use your own.
Browser check for updates here.
.

#119 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 8,703 posts

Posted 31 January 2011 - 04:48 AM

FYI...

exploit, gumblar, neosploit, zeus domains
- http://www.malwaredo...rdpress/?p=1590
January 29th, 2011 - "Domains associated with gumblar, zeus, neosploit, spyeye and other exploits and trojan badness. Sources include www3.malekal.com, blog.unmarkparasites, viralerts.com..."

- http://www.malwaredo...rdpress/?p=1597
January 31st, 2011 - "Last night’s “justdomains” file seems to have been corrupted… We just replaced it with a new one..."

:ph34r:

Edited by AplusWebMaster, 31 January 2011 - 03:03 PM.

This machine has no brain.
......... Use your own.
Browser check for updates here.
.

#120 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 8,703 posts

Posted 03 February 2011 - 06:11 PM

FYI...

210 Domains
- http://www.malwaredo...rdpress/?p=1601
February 2nd, 2011 - "... 210 domains associated with artro, gumblar, rbn, torpig and other exploits. Source include www3.malekal.com, securehomenetworks.blogspot.com, honeywhales.com, blog.unmaskparasites.com..."

:ph34r:
This machine has no brain.
......... Use your own.
Browser check for updates here.
.

#121 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 8,703 posts

Posted 06 February 2011 - 10:46 PM

FYI...

179 New Malicious Domains
- http://www.malwaredo...rdpress/?p=1611
February 6th, 2011 - "179 new malicious sites associated with gumblar, backdoors, moneymule, rogue security. Sources include securehomenetworks.blogspot.com, log.unmaskparasites.com, www.cyber-ta.org..."

:!:
This machine has no brain.
......... Use your own.
Browser check for updates here.
.

#122 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 8,703 posts

Posted 08 February 2011 - 11:47 PM

FYI...

NeoSploit, FastFlux, Zeus, MoneyMule Domains
- http://www.malwaredo...rdpress/?p=1624
February 8th, 2011 - "Something for everyone… Neosploit. Gumblar, fastflux, rogue, phoenix, money mule, zeus, and more… Sources include securehomenetworks.blogspot.com, ddanchev.blogspot.com (Welcome Back), blog.unmaskparasites.com, zeustracker.abuse.ch..."

:ph34r: :ph34r:
This machine has no brain.
......... Use your own.
Browser check for updates here.
.

#123 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 8,703 posts

Posted 11 February 2011 - 01:39 PM

FYI...

gumblar, neosploit, mebroot and other malicious domains
- http://www.malwaredo...rdpress/?p=1628
February 10th, 2011 - "132 malicious sites and domains to add to your blocklist or malware shunlist. Sources include viralerts.com, securehomenetworks.blogspot.com, safebrowsing.google.com..."

:ph34r:
This machine has no brain.
......... Use your own.
Browser check for updates here.
.

#124 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 8,703 posts

Posted 14 February 2011 - 11:16 AM

FYI...

spyeye, pheonix, palevo, blackhole exploit kit domains
- http://www.malwaredo...rdpress/?p=1636
February 13th, 2011 - "Malicious domains associated with blackhole exploit kit, palevo, gumblar, spyeye and other exploits. Sources include honeywhales.com, honeywhales.com, stopmalvertising.com..."

:ph34r:
This machine has no brain.
......... Use your own.
Browser check for updates here.
.

#125 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 8,703 posts

Posted 18 February 2011 - 09:09 AM

FYI...

184 New Malicious, Harmful Domains
- http://www.malwaredo...rdpress/?p=1648
February 18th, 2011 - "Additions: 184 domains associated with zeus, trojans, spyeye, rogue antimalware, etc. Sources include blog.dynamoo.com, labs.snort.org, securehomenetworks.blogspot.com, safebrowsing.google.com..."

:ph34r:
This machine has no brain.
......... Use your own.
Browser check for updates here.
.

#126 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 8,703 posts

Posted 21 February 2011 - 10:05 PM

FYI...

iframes, artro c&c domains, scareware domains
- http://www.malwaredo...rdpress/?p=1653
February 20th, 2011 - "This update includes zeus, tdss rootlkit, scareware, and other harmful, malicious sites and domains. Sources include ddanchev.blogspot.com, safebrowsing.google.com, www.sacour .cn and many others..."

:ph34r:
This machine has no brain.
......... Use your own.
Browser check for updates here.
.

#127 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 8,703 posts

Posted 27 February 2011 - 06:17 AM

FYI...

Pheonix, Palevo, Neosploit, Money Mule, Rogue Domains
- http://www.malwaredo...rdpress/?p=1663
February 25th, 2011 - "Pheonix, Palevo, Neosploit, Money Mule, Rogue Domains... Sources include support.clean-mx.de, securehomenetworks.blogspot.com, honeywhales.com..."

:!:
This machine has no brain.
......... Use your own.
Browser check for updates here.
.

#128 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 8,703 posts

Posted 02 March 2011 - 07:26 AM

FYI...

Bulletproof Domains, Moneymule Domains, Exploit Domains, iframes and more...
- http://www.malwaredo...rdpress/?p=1670
March 1st, 2011 - "... Sources include amada.abuse.ch, hphosts.blogspot.com, www.malwaredomainlist.com, support.clean-mx.de..."

:ph34r:
This machine has no brain.
......... Use your own.
Browser check for updates here.
.

#129 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 8,703 posts

Posted 05 March 2011 - 10:21 PM

FYI...

neosploit, blackhole, rogue & exploit domains
- http://www.malwaredo...rdpress/?p=1675
March 4th, 2011 - "Sources include www.malwaredomainlist.com, support.clean-mx.de, safebrowsing.google.com..."

:ph34r:
This machine has no brain.
......... Use your own.
Browser check for updates here.
.

#130 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 8,703 posts

Posted 09 March 2011 - 06:11 AM

FYI...

Bullet Proof Domains, SpyEye, fast flux and other malicious domains
- http://www.malwaredo...rdpress/?p=1684
March 8th, 2011 - "Bullet Proof SpyEye Domains, fast flux C&C, and other malicious domains. Sources include blog.sucuri.net, securehomenetworks.blogspot.com, www.sacour.cn & others..."

:ph34r:
This machine has no brain.
......... Use your own.
Browser check for updates here.
.

#131 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 8,703 posts

Posted 13 March 2011 - 05:29 PM

FYI...

Rogues, Trojans, Moneymule,Zeus domains
- http://www.malwaredo...rdpress/?p=1695
March 12th, 2011 - "... Sources include ddanchev.blogspot.com, malwaredomainlist.com, vxvault.siri-urz.net and others..."

:ph34r:
This machine has no brain.
......... Use your own.
Browser check for updates here.
.

#132 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 8,703 posts

Posted 16 March 2011 - 10:27 PM

FYI...

malvertising*, exploit, rogue, moneymule domains
- http://www.malwaredo...rdpress/?p=1698
March 16th, 2011 - "... sources include securehomenetworks.blogspot.com, www.malwaredomainlist.com, sunbeltblog.blogspot.com..."

* http://www.darkreadi...le/id/229300720
Mar 10, 2011

:ph34r:

Edited by AplusWebMaster, 18 March 2011 - 07:07 AM.

This machine has no brain.
......... Use your own.
Browser check for updates here.
.

#133 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 8,703 posts

Posted 20 March 2011 - 04:44 PM

FYI...

artro, palevo, bulletproof, rogue domains
- http://www.malwaredo...rdpress/?p=1702
March 19th, 2011 - "... Sources include amada.abuse.ch, support.clean-mx.de, www.malwaredomainlist.com..."

:ph34r:
This machine has no brain.
......... Use your own.
Browser check for updates here.
.

#134 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 8,703 posts

Posted 23 March 2011 - 06:56 AM

FYI...

Drive-by exploits, moneymule, zeus domains
- http://www.malwaredo...rdpress/?p=1710
March 22nd, 2011 - "Zeus drive-by domains, drive-by exploits, moneymule, rogue security domains. Sources include blog.urlvoid.com, google.safebrowsing.com, www.spamhaus.org..."

:ph34r:
This machine has no brain.
......... Use your own.
Browser check for updates here.
.

#135 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 8,703 posts

Posted 25 March 2011 - 04:01 PM

FYI...

Bulletproof Zeus, cybercrime, rogue security domains
- http://www.malwaredo...rdpress/?p=1714
March 25th, 2011 - "164 domains associated with Zeus (Bulletproof, drivebys), rogue antivirus, crybercrime and other badness. Sources include blog.sucuri.net, vxvault.siri-urz.net, www.malwaredomainlist.com..."

:!: :ph34r:
This machine has no brain.
......... Use your own.
Browser check for updates here.
.

#136 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 8,703 posts

Posted 30 March 2011 - 10:43 AM

FYI...

zeus, drive-by, malspam domains
- http://www.malwaredo...rdpress/?p=1724
March 29th, 2011 - "Domains associated with malspam, moneymules, zeus, etc. Sources: www.spamhaus.org, safebrowsing.google.com and others..."

:ph34r:
This machine has no brain.
......... Use your own.
Browser check for updates here.
.

#137 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 8,703 posts

Posted 31 March 2011 - 09:05 AM

FYI...

DNS-BH Mar 30 update: 40 domains
- http://www.malwaredo...rdpress/?p=1733
March 31st, 2011 - "A short but important update consisting of our two friends from yesterday (lizamoon . com and defender-uqko .in) and some rogue and exploit domains. Sources include sucuri.net, urlquery.net, urlvoid.com..."

:ph34r: :!:
This machine has no brain.
......... Use your own.
Browser check for updates here.
.

#138 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 8,703 posts

Posted 03 April 2011 - 06:48 AM

FYI...

Lots of rogue and lizamoon domains
- http://www.malwaredo...rdpress/?p=1738
April 2nd, 2011 - "163 domains, mainly associated with sql injection, lizamoon, and rogue antivirus. Most have been nuked but one can never be too careful (think about how many times gumblar has come back from the dead). Sources include ddanchev.blogspot.com, www .malwaregroup .com, community.websense.com/blogs..."

:!: :ph34r:
This machine has no brain.
......... Use your own.
Browser check for updates here.
.

#139 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 8,703 posts

Posted 05 April 2011 - 09:19 AM

FYI...

Big Update: lizamoon, driveby, rogue domains
- http://www.malwaredo...rdpress/?p=1741
April 5th, 2011 - "Over 200 domains associated with zeus, lizamoon, drive-by exploits, moneymule, and fake security pages. Sources include securehomenetworks.blogspot.com, ddanchev.blogspot.com, urlvoid.com..."

:!: :ph34r:
This machine has no brain.
......... Use your own.
Browser check for updates here.
.

#140 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 8,703 posts

Posted 07 April 2011 - 09:26 PM

FYI...

Huge Update: Over 450 domains
- http://www.malwaredo...rdpress/?p=1745
April 7th, 2011 - "One of the biggest updates ever – over 450 domains associated with some 0-day exploits, fakeav, lizamoon, and other badness...
Sources: amada.abuse.ch blocklist, safebrowsing.google.com, securehomenetworks.blogspot.com and others..."

:ph34r: :!: :ph34r:
This machine has no brain.
......... Use your own.
Browser check for updates here.
.

#141 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 8,703 posts

Posted 10 April 2011 - 03:56 AM

FYI...

Another huge update – 278 Domains
- http://www.malwaredo...rdpress/?p=1752
April 9th, 2011 - "278 domains associated with rouge security/fake AV, sql injection, lizamoon and other badness. Sources include blog.sucuri.net, safebrowsing.google.com, amada.abuse.ch and securehomenetworks.blogspot.com..."

:ph34r: :ph34r:
This machine has no brain.
......... Use your own.
Browser check for updates here.
.

#142 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 8,703 posts

Posted 14 April 2011 - 04:59 AM

FYI...

Rouges, moneymules, harmful domains
- http://www.malwaredo...rdpress/?p=1755
April 13th, 2011 - "Domains associated with fake anvirus, moneymule and other badness added. Sources include sacour.cn, urlquery.net, amada.abuse.ch & securehomenetworks.blogspot.com..."

:ph34r:
This machine has no brain.
......... Use your own.
Browser check for updates here.
.

#143 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 8,703 posts

Posted 17 April 2011 - 04:00 AM

FYI...

266 Malicious Domains
- http://www.malwaredo...rdpress/?p=1759
April 16th, 2011 - "266 domains (rouge, fake antivirus, and other badness) from sunbeltblog.blogspot.com, safebrowsing.google.com, amada.abuse.ch and others..."

:!: :ph34r:
This machine has no brain.
......... Use your own.
Browser check for updates here.
.

#144 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 8,703 posts

Posted 18 April 2011 - 12:04 PM

FYI...

Fake AV, Malspam, gozi, harmful domains
- http://www.malwaredo...rdpress/?p=1764
April 18th, 2011 - "Over 200 fake antivirus, rfi, malspam, gozi, harmful domains. Sources include amada.abuse.ch, ddanchev.blogspot.com, safebrowsing.google.com..."

:ph34r: :!:
This machine has no brain.
......... Use your own.
Browser check for updates here.
.

#145 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 8,703 posts

Posted 21 April 2011 - 06:42 AM

FYI...

exploit kit, fake av, zeus domains
- http://www.malwaredo...rdpress/?p=1773
April 20th, 2011 - "Domains associated with rogue/fake av, zeus, brandjackers were added. Sources include amada.abuse.ch, safebrowsing.google.com, securehomenetworks.blogspot.com..."

:ph34r: :ph34r:
This machine has no brain.
......... Use your own.
Browser check for updates here.
.

#146 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 8,703 posts

Posted 23 April 2011 - 06:11 AM

FYI...

Lots of Rogue, Suspicious, Harmful Domains
- http://www.malwaredo...rdpress/?p=1778
April 22nd, 2011 - "Over 200 domains associated with rogue security, fake av, harmful domains. Sources include amada.abuse.ch, blog.urlvoid.com, safebrowsing.clients.google.com..."

:!: :ph34r:
This machine has no brain.
......... Use your own.
Browser check for updates here.
.

#147 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 8,703 posts

Posted 28 April 2011 - 10:42 PM

FYI...

Lots of Rogues, Fake AVs, trojans...
- http://www.malwaredo...rdpress/?p=1787
April 27th, 2011 - "Over 250 malicious domains associated with rogue security, trojans, fake antivirus and other malicious behavior. Sources include amada.abuse.ch, hosts-file.net, malwareblacklist.com..."

:!:
This machine has no brain.
......... Use your own.
Browser check for updates here.
.

#148 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 8,703 posts

Posted 02 May 2011 - 05:26 PM

FYI...

209 New Malicious Domains
- http://www.malwaredo...rdpress/?p=1791
May 2nd, 2011 - "209 New Malicious Domains associated with Fake AV/Scareware, Trojans, etc. Sources include amada.abuse.ch, hosts-file.net, malwareurl.com..."

:!:
This machine has no brain.
......... Use your own.
Browser check for updates here.
.

#149 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 8,703 posts

Posted 05 May 2011 - 12:51 PM

FYI...

Zeus, Scareware, and more fake security domains
- http://www.malwaredo...rdpress/?p=1802
May 4th, 2011 - "lots of fake antivirus domains, zeus, scareware domains. Sources include www.sophos.com, securehomenetworks.blogspot.com, hosts-file.net..."

:ph34r: :ph34r:
This machine has no brain.
......... Use your own.
Browser check for updates here.
.

#150 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 8,703 posts

Posted 08 May 2011 - 10:25 PM

FYI...

More Rogue Security & Rogue AV, Zeus and other Badness
- http://www.malwaredo...rdpress/?p=1806
May 7th, 2011 - "Lots of Rogue Antivirus Domains, spyeye, zeus, and other malicious domains. Sources include zeustracker.abuse.ch, sacour.cn, blog.sucuri.net & others ..."

:ph34r:
This machine has no brain.
......... Use your own.
Browser check for updates here.
.




2 user(s) are reading this topic

0 members, 2 guests, 0 anonymous users

Member of ASAP and UNITE
Support SpywareInfo Forum - click the button