The following is a list of websites that maintain and provide public lists of known and suspected malicious sources. These lists can be used for preventing malware infections, for managing incoming email, or for testing purposes.
Malware Block Lists (Domains/URLs)
MalwareDomainList.com Hosts List and URLs
Malware Domain Blocklist: blackhole DNS files (domain.txt, BOOT file in MS format, zone file in Bind format)
hpHosts File and Domains: maintained by Malwarebytes Corp.- Malware Patrol: provides block lists in many different formats.
ZeuS domain blocklist and URLs
ParetoLogic Malware Blacklist: a database of malicious URLs.
CLEAN-MX Realtime Database: a database of malicious URLs (XML output available).
Malc0de Blacklist and URLs: a database of domains that are hosting malicious executables.- Virus Tracker: provides a domain blocklist of various botnets (by Peter Kleissner).
- Cyber Crime Tracker: a database of malicious URLs.
Scumware.org- VX Vault
IP Address Block Lists
I-BlockList: maintains block lists that you can use with software such as PeerBlock, PeerGuardian, iplist, and Vuze.
BISS IP Blocklists: sorted in .zip and .gz formats. Requires registration.
Project Honey Pot’s Directory of Malicious IPs
Chinese and Korean IPs: for those who want to avoid Asian spam.- ZeuS IP blocklist
- Nothink Malware Blacklist
Wizcrafts .htaccess and iptables blocklists
Phishing Block Lists (Domains/URLs)
PhishTank Phish Archive: see all suspected phish submissions.- CLEAN-MX Realtime Database: a database that consists of phishing URLs (XML output available).
Spam Domain Block Lists
Notable Links
- HostsMan: a free application that lets you manage your Windows hosts file.
- Most Aggressively Spreading Malware Binaries: a list of the most aggressively spreading malware MD5s.
- How to Remove Malware from Windows
Has your IP address been blacklisted? You can use the following tools to find out.
MXToolBox: check the IP address against 100+ known blacklists.
MultiRBL.valli.org: a free DNSBL/RBL lookup and FCrDNS check tool (IPv4/IPv6 address or domain name).
DNSBL Database Lookup
more info http://www.selectrealsecurity.com/public-block-lists