Hundreds more malware domains suspended

As I reported the other day about the thousands of suspended domains … it appears that even more domains have been suspended. After I removed the huge list of previously suspended domains from the MVPS HOSTS file … I waited a day or two and rescanned the file to validate the entries. Much to my surprise their were hundreds more malware domains that no longer return a valid DNS …

This seems to coincide with several other reports “Joint statement from Directi, HostExploit and KnujOn” stating: “HostExploit and Knujon did share with Directi a separate list of additional web sites known for badware that belong to Atrivo, enabling Directi’s abuse team to swiftly suspend them.”

In a previous post I showed … “Directi False Whois Suspended Account” owns about 11,853 other domains
Now I find the following: “Directi False Whois Suspended Account” owns about 12,176 other domains” [source]

On Friday, August 22 I mentioned about the amount of malware related sites running at “mynick.name” … however today that number sure has changed!These fake Antispyware related sites were running from various hosting services and IP blocks all over the world … looks like someone finally caught up to their antics …

 [source]

SecurityFix has also posted more related news “Scammer-Heavy U.S. ISP Grows More Isolated” … I imagine the Cyber-criminals are really scrambling trying to register new domains, etc … as the amount of suspended domains account for a rather large source of revenue …

While I’m on the subject of suspended domains … the bogus Antispyware programs I showed were being hosted at Yahoo were suspended over the weekend … thanks to Kimberly for alerting Yahoo …

And let’s not forget … “innovativemarketing.com” and “setupahost.net” which were the original WinFixer Gang … good riddance! …



Comments are closed.