Sign in to follow this  
Sulveran

Infected Sites List

Recommended Posts

List is very simple the ip below the site is tied to the above site not the one below! I will update daily on here and on my site. If this is okay I will keep a list like this on my computer and my website.. Unless you don't want me sharing the list I will not do so.

 

ALSO PLEASE REALISE THESE LINKS ARE MALICIOUS AND CAN HARM THE COMPUTER DON'T CLICK ON ANY OF THEM UNLESS YOU HAVE A PROPER SETUP SUCH AS A VIRTUAL MACHINE BE CAREFUL! :excl: :excl:

 

Also some of the links might be dead if so I am sorry for the waste of time.

 

Today For me 4/10/2013

I am NOT going to guess the malware type I am not a security expert I don't know how to identify it. So sorry for that in advance :(

xz6.xxooss.com/a1/ie.exe

198.13.114.201 i

www.crs24.de/Fernwartung.exe

91.203.111.2

www.educabolivia.bo/educabolivia/images/archivos/user_files/p0001/file/mapas_conceptuales.exe 200.87.133.140

www.educabolivia.bo/educabolivia/images/archivos/user_files/p0001/file/fichas_ocultas.exe

200.87.133.140

www.enigmasoftware.com/download_scanner/enigmasoftware.com/RegHunter-Installer.exe

50.18.254.182

www.incredimail.com/h/d/1108106407673200639/130090672358729119/test/tgout/installer/incredimail_install.exe

82.80.204.42

www.pendriveapps.com/goto/Download_BOOTICE_exe/5670/1

69.89.27.206
www.sjiit.com/kong.exe

98.126.147.91

xujxiwli.ru/newbos4.exe

98.249.247.170
xz6.xxooss.com/a2/xz.exe

198.13.114.201

www.cutedvd.com/download/acaladvdcopy.exe

67.20.109.190

www.educabolivia.bo/educabolivia/images/archivos/user_files/p0001/file/proglin.exe

200.87.133.140

www.educabolivia.bo/educabolivia/images/archivos/user_files/p0001/file/que_me_pongo.exe

200.87.133.140

www.freeware365.com/download/FGSetup.exe

98.130.145.96

www.miniclip.com/games/reel-gold/reel-gold.exe

77.73.32.120

www.readytrainingonline.com/downloads/miazas.exe

208.109.168.22

www.un-jeu-par-jour.com/toolbar/telecharger.php?gt%2F;downlt
%2F%2F;br%2Fgt%2F%2F;load2.microapp.com%2Ftelechargement%2Fe

212.23.46.135

xz6.xxooss.com/a1/wuji.exe

198.13.114.201

xz6.xxooss.com/a1/dudu.exe

198.13.114.201

www.educabolivia.bo/educabolivia/images/archivos/user_files/p0001/file/sw_eqtabla_-_instalador.exe

200.87.133.140

www.educabolivia.bo/educabolivia/images/archivos/user_files/p0001/file/seterra.exe

200.87.133.140

www.educabolivia.bo/educabolivia/images/archivos/user_files/p0001/file/sw_formulario_mate.exe

200.87.133.140

www.incredimail.com/h/d/1108106407673200639/130090672358729119/test/tgout/installer/incredimail_install.exe

82.80.204.42

www.ns.tu8w.com/139my-6.4.exe

115.239.230.207

www.resplendence.com/download/antiFreezeSetup.exe

209.139.208.98

xujxiwli.ru/newbos4.exe

98.249.247.170

 

 

List is very simple the ip below the site is tied to the above site not the one below!

Edited by Sulveran

Share this post


Link to post
Share on other sites

Little quick update not sure what you guys can do with this but.

 

There is an app that is known as Sociable and thousands of bloggers use the app so there site can be shared to many social networks. There is a redirect, unsafe ads, and possible malware infection reported. I don't know what you guys can do to test it but i will do this. I have a dummy website I don't use it anymore and I am going to place the infected gadget on there. So that way you guys can test it and report on it.

Share this post


Link to post
Share on other sites

New update this is one of the worst scams I have ever seen,

The link if blocked sends the information to as many advertising networks (like ad sense but not that one) when my page loads all i see is sending info here here here here and it goes on for a while.

 

It is sending me to 30+ different sites and the script when blocked reruns itself to try and get past the block. I have seen scareware ransomware trojans and forms of spyware from this

Edited by Sulveran

Share this post


Link to post
Share on other sites

Hi Sulveran,

 

Thanks for sharing the links. If it's ok with you, could you post the suspicious URL list on your site and let me know what the URL for the list is? It's much easier to scrape/parse a regular web site than this forum. Thanks!

 

Andy

Lavasoft Malware Labs

  • Like 2

Share this post


Link to post
Share on other sites

I will link on my website where to download the text file that contains my list. Apparently having them on my site the google crawler will recognize it as a malicious site and shut me off. So i will place a link on my website to go to my media fire download list to were you can download my daily list.

 

http://www.thedailyexposition.blogspot.com/#sthash.bfknmP7A.dpbs

Share this post


Link to post
Share on other sites

How about creating a password protected zip file containing a text file with the links and placing it on your site instead? It means we can directly download the zip file without having to handle the awkward Mediafire site.

Share this post


Link to post
Share on other sites

Hi , I am not able to download the list ..

I am encountering the following error .

Sorry, you don't have permission for that!
[#10171]

You do not have permission to view this attachment.

Please help me to resolve this . If you are able to provide external link for the same will be very helpful

Thank You

Share this post


Link to post
Share on other sites

Hi msankith,

 

That is how it's meant to be. This is not a site for downloading malware, it's a forum where you can give Lavasoft malware to help them improve Ad-Aware.

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Sign in to follow this