From 1338830adcea48a08720d5f1461fcd51429405a9 Mon Sep 17 00:00:00 2001 From: sugarcanehyena Date: Sun, 27 Oct 2024 16:55:02 +0000 Subject: [PATCH] Block `GoatRat1 aka `CriminalMW` and `FantasyMW` banking malware --- src/blacklists/email.txt | 3 ++- src/blacklists/hosts.txt | 4 ++++ src/blacklists/nomalware-beta.txt | 4 ++++ src/blacklists/nomalware-full.txt | 4 ++++ src/blacklists/nomalware-lite.txt | 4 ++++ src/blacklists/nomalware-mega.txt | 4 ++++ 6 files changed, 22 insertions(+), 1 deletion(-) diff --git a/src/blacklists/email.txt b/src/blacklists/email.txt index 95c4b86..73983a4 100644 --- a/src/blacklists/email.txt +++ b/src/blacklists/email.txt @@ -5,7 +5,7 @@ # Contribute: https://github.com/chartingshow/crypto-firewall/issues # License: GPL-3.0 license # -# Last modified: 4 October 2024 +# Last modified: 27 October 2024 # 013store@goodwillhunting.org @@ -5056,6 +5056,7 @@ si@banglarshonamoni.com siarotmn@giangduong.vn siauemd@apmaustin.com sic@pgr.ao +sickodevz@hotmail.com sidoyla@revconstructioninc.com sidrajohn@bestmedtraders.com silvia.rendak@cwiagro.com.br diff --git a/src/blacklists/hosts.txt b/src/blacklists/hosts.txt index 9d330bb..7db93c7 100644 --- a/src/blacklists/hosts.txt +++ b/src/blacklists/hosts.txt @@ -1502,6 +1502,7 @@ 0.0.0.0 androidapiv8.cf 0.0.0.0 androidapiv9.cf 0.0.0.0 androidapk.ovh +0.0.0.0 androidappstore.online 0.0.0.0 androiddevapi.cf 0.0.0.0 androidposme.com 0.0.0.0 anee.ee @@ -4508,6 +4509,7 @@ 0.0.0.0 cribandkids.shop 0.0.0.0 crickplay.net 0.0.0.0 crimedcirwo.cfd +0.0.0.0 criminalmw.fun 0.0.0.0 criptofaci.com 0.0.0.0 criptoinvestments.online 0.0.0.0 crisbdev.com @@ -13502,6 +13504,7 @@ 0.0.0.0 playestore.net 0.0.0.0 playgo88.fun 0.0.0.0 playrefinedheavilythefile.vip +0.0.0.0 playstoreappstore.online 0.0.0.0 playstorevip.co.vu 0.0.0.0 playtecc.com.br 0.0.0.0 playtopus.click @@ -14695,6 +14698,7 @@ 0.0.0.0 robinsson.live 0.0.0.0 robloxuz.com 0.0.0.0 robo-claim.site +0.0.0.0 robodopix.online 0.0.0.0 roboforexint.com 0.0.0.0 robot999.net 0.0.0.0 robotechpro.com diff --git a/src/blacklists/nomalware-beta.txt b/src/blacklists/nomalware-beta.txt index 52530d8..57ece88 100644 --- a/src/blacklists/nomalware-beta.txt +++ b/src/blacklists/nomalware-beta.txt @@ -1511,6 +1511,7 @@ ||androidapiv8.cf^$third-party ||androidapiv9.cf^$third-party ||androidapk.ovh^$third-party +||androidappstore.online^$third-party ||androiddevapi.cf^$third-party ||androidposme.com^$third-party ||anee.ee^$third-party @@ -4517,6 +4518,7 @@ ||cribandkids.shop^$third-party ||crickplay.net^$third-party ||crimedcirwo.cfd^$third-party +||criminalmw.fun^$third-party ||criptofaci.com^$third-party ||criptoinvestments.online^$third-party ||crisbdev.com^$third-party @@ -13501,6 +13503,7 @@ ||playestore.net^$third-party ||playgo88.fun^$third-party ||playrefinedheavilythefile.vip^$third-party +||playstoreappstore.online^$third-party ||playstorevip.co.vu^$third-party ||playtecc.com.br^$third-party ||playtopus.click^$third-party @@ -14688,6 +14691,7 @@ ||robinsson.live^$third-party ||robloxuz.com^$third-party ||robo-claim.site^$third-party +||robodopix.online^$third-party ||roboforexint.com^$third-party ||robot999.net^$third-party ||robotechpro.com^$third-party diff --git a/src/blacklists/nomalware-full.txt b/src/blacklists/nomalware-full.txt index d6706e2..46f013e 100644 --- a/src/blacklists/nomalware-full.txt +++ b/src/blacklists/nomalware-full.txt @@ -1511,6 +1511,7 @@ ||androidapiv8.cf^$third-party ||androidapiv9.cf^$third-party ||androidapk.ovh^$third-party +||androidappstore.online^$third-party ||androiddevapi.cf^$third-party ||androidposme.com^$third-party ||anee.ee^$third-party @@ -4517,6 +4518,7 @@ ||cribandkids.shop^$third-party ||crickplay.net^$third-party ||crimedcirwo.cfd^$third-party +||criminalmw.fun^$third-party ||criptofaci.com^$third-party ||criptoinvestments.online^$third-party ||crisbdev.com^$third-party @@ -13501,6 +13503,7 @@ ||playestore.net^$third-party ||playgo88.fun^$third-party ||playrefinedheavilythefile.vip^$third-party +||playstoreappstore.online^$third-party ||playstorevip.co.vu^$third-party ||playtecc.com.br^$third-party ||playtopus.click^$third-party @@ -14688,6 +14691,7 @@ ||robinsson.live^$third-party ||robloxuz.com^$third-party ||robo-claim.site^$third-party +||robodopix.online^$third-party ||roboforexint.com^$third-party ||robot999.net^$third-party ||robotechpro.com^$third-party diff --git a/src/blacklists/nomalware-lite.txt b/src/blacklists/nomalware-lite.txt index 4c9d0c3..64328c0 100644 --- a/src/blacklists/nomalware-lite.txt +++ b/src/blacklists/nomalware-lite.txt @@ -1511,6 +1511,7 @@ ||androidapiv8.cf^$third-party ||androidapiv9.cf^$third-party ||androidapk.ovh^$third-party +||androidappstore.online^$third-party ||androiddevapi.cf^$third-party ||androidposme.com^$third-party ||anee.ee^$third-party @@ -4517,6 +4518,7 @@ ||cribandkids.shop^$third-party ||crickplay.net^$third-party ||crimedcirwo.cfd^$third-party +||criminalmw.fun^$third-party ||criptofaci.com^$third-party ||criptoinvestments.online^$third-party ||crisbdev.com^$third-party @@ -13501,6 +13503,7 @@ ||playestore.net^$third-party ||playgo88.fun^$third-party ||playrefinedheavilythefile.vip^$third-party +||playstoreappstore.online^$third-party ||playstorevip.co.vu^$third-party ||playtecc.com.br^$third-party ||playtopus.click^$third-party @@ -14688,6 +14691,7 @@ ||robinsson.live^$third-party ||robloxuz.com^$third-party ||robo-claim.site^$third-party +||robodopix.online^$third-party ||roboforexint.com^$third-party ||robot999.net^$third-party ||robotechpro.com^$third-party diff --git a/src/blacklists/nomalware-mega.txt b/src/blacklists/nomalware-mega.txt index ad7706a..f3b10d0 100644 --- a/src/blacklists/nomalware-mega.txt +++ b/src/blacklists/nomalware-mega.txt @@ -1511,6 +1511,7 @@ ||androidapiv8.cf^$third-party ||androidapiv9.cf^$third-party ||androidapk.ovh^$third-party +||androidappstore.online^$third-party ||androiddevapi.cf^$third-party ||androidposme.com^$third-party ||anee.ee^$third-party @@ -4517,6 +4518,7 @@ ||cribandkids.shop^$third-party ||crickplay.net^$third-party ||crimedcirwo.cfd^$third-party +||criminalmw.fun^$third-party ||criptofaci.com^$third-party ||criptoinvestments.online^$third-party ||crisbdev.com^$third-party @@ -13501,6 +13503,7 @@ ||playestore.net^$third-party ||playgo88.fun^$third-party ||playrefinedheavilythefile.vip^$third-party +||playstoreappstore.online^$third-party ||playstorevip.co.vu^$third-party ||playtecc.com.br^$third-party ||playtopus.click^$third-party @@ -14688,6 +14691,7 @@ ||robinsson.live^$third-party ||robloxuz.com^$third-party ||robo-claim.site^$third-party +||robodopix.online^$third-party ||roboforexint.com^$third-party ||robot999.net^$third-party ||robotechpro.com^$third-party