Partially to provide a list for the Malware DNS scraper to check and partially to make a comprehensive list of malicious hosts that we can play with we have developed the Mayhemic Labs Malicious Hosts List. This list is fairly simple, as it merely combines three different sources of malware information into one list. We currently use information from the following sources:
- Abuse.ch's Zeus Tracker's Domain Blocklist
- MalwareDomainList.com's Hosts List
- MalwarePatrol Malware Block List
The file is fairly simple at this point. There are four tab seperated fields:
host.example.net Unknown Malware MDL 1 host2.example.net Trojan-Downloader.Win32.Genome.abaa MP 0 host.example.com ZeuS/WNSPoem/ZBot ZT 0 host.example.org Multiple Entries MDL/ZT 1
The four fields are the hostname, the malware located on this host ("Unknown Malware" if it is not known from the data source consumed, "Multiple Entries" if there is more then one entry) and the source of the information (Multiple sources seperated by the slash "/" character.)
This file will eventually be expanded to contain more information and more fields, but right now it's short and sweet.
ATTENTION: Due to licensing agreements, The use of the Mayhemic Labs Malicious Hosts List is granted for non-commercial use only. Any use of this list commercially is strictly prohibited.
Download the Mayhemic Labs Malicious Hosts List