nGran is a data security consulting firm specializing in End-Point protection from and blocking solutions for malicious websites, user data privacy protection, security awareness training, networking, and security services to our clientele.
Providing internet security to clients around the world.
nGran secures a variety of clients, from Fortune 2000 Corporations
to small, private companies.
Find out what we can do for you:
>Malicious Website Blocking Solutions >Web Application Intrusion Prevention > Privacy Impact Assessments > Security Awareness Training >Website Redirection Notifications Malicious Site Repeat Offenders The Top Ten list of domain names and IP Addresses that have been identified as spreading surveillance tools, Malware and Scams for the month of June, 2014 are shown below along with their major distributions. The sites have been confirmed by independent researchers as distributing Spam and Malware including, Password stealers, Keyloggers, Injectors, GOZeus, various exploits, InstallCore, Agents, Autostarts, Botnet controllers, Zbots, FakeAV, Redirection and Proxy sites as well as many other types of malicious threats.
For a more complete listing of repeat offender sites please review the items on the Research page of the nGran website. ------------------------------------------------------- 1. esd.baixaki.com.br - from FR publishes numerous Infostealing threats as well as Zeus, Backdoors, and Keyloggers 2. esd.nzs.com.br - from FR.Lyon publishes numerous Backdoors, InstallCore and Infostealers 3. 188.8.131.52 - from PL.Slupsk publishes numerous Agents, Zeus and Injectors 4. akamai.net - from US.MA.Cambridge publishes numerous Keyloggers, Infostealers and Downloaders. 5. arkinsoftware.in - from US.MI.StClairShores publishes multiple threats including FakeAvs and Backdoors 6. hoerbird.net - from DE.Friedersdorf publishes GOZeus and other Blended threats 7. no-ip.biz - from multiple locations publishes Bifrose, Scams, Keyloggers, and Infostealing threats 8. dl.downloadahceiduphoth.com - from US.MA.Cambridge publishes Backdoors and Surveillance tools 10. sayherbal.com - from CA.Quebec.Montreal publishes numerous Backdoors and other types of Scams
The Malicious Website Problem
The number of malicious sites on the Internet that are either origination or distribution (O&D) points for Malware, Trackware, Phishing, Identity Theft and Spam have increased year by year by a factor of 10 over the past three years, and continue to rise dramatically in 2014. There are many estimates of cyber attacks per day and the range varies from roughly 500 to 100,000 attacks and depend on the profile of the site under attack. Sites that are high profile include US and Western European government as well as many commercial sites in those locations. Most attacks are tied to the use of Malware and according to both Kaspersky Lab and Sophos, over 86% of those attacks emanate from the Internet. Many threats use stealth techniques to redirect unsuspecting Internet users from legitimate to malicious web sites. In the past two years there has also been a steady increase in attacking small business and consumers in the US and Western European locations. One reason is the lack of protection used when running a web site, whether it be "hosted" for personal or small businesses trying to reduce operating costs. According to OWASP, and new to the "Top Ten vulnerabilities" in June of 2013, was operating a web site with known and unpatched vulnerabilities. This state of the Internet is a perfect storm for malicious website operators who continue to exploit unsuspecting users.
To help users combat the glut of malicious sites, we recommend services such as those offered by http://www.iblocklist.com or http://hosts-file.net/. All Internet users should limit their "attack surface" by curtailing connectivity to malicious websites. To further limit their exposure, users should take advantage of online services to check on the status of suspicious Internet domains. Mozilla has developed plugins for modern browsers, including supported hand-helds, Firefox and IE versions, based on the Web of Trust (WOT). These plugins are freely available from Mozilla and show abusive websites while warning unsuspecting users prior to establishing connectivity with such sites. It is important for all Internet users to protect themselves with the use of such tools as it will limit their exposure to malicious websites and Malware infections.
Other tools that should be used to reduce end-user attack surfaces include those provided by online blacklist services. These services can be found at the following URLs shown below. Naturally if a domain shows to be blacklisted for abusive activity, then it stands to reason that such a site must be avoided until such time as the registered owner corrects that condition. End-users and Internet Service Providers must take more proactive roles in responding to malicious web site abuses and protecting their respective computers.
nGran has added more real time information feeds from industry leaders and links to the Federal Trade Commission (FTC) IDTheft web site to help raise awareness to the growing spyware and identity theft problems in the marketplace. Click on the Alliances link for more information. Also, visit our Research page to see our site threat lists, whitepapers, and products that are currently available.
Finally, we recommend that users contact the Internet Crime Complaint Center (IC3) for their latest information about protecting your PII and means of lodging complaints against malicious websites. IC3 can be contacted at the following link;
This Web site is designed to work best when using version 3.0 or higher of Mozilla Firefox or version 6.0 or higher of Microsoft's® Internet Explorer. nGran, LLC believes that the information posted on this website is accurate as of its publication date; such information is subject to change without notice. nGran is not responsible for any inadvertent errors. All trademarks and registered trademarks are property of their respective owners. Copyright 2002-2014, nGran, LLC. All rights reserved.