A forum for reverse engineering, OS internals and malware analysis 

Forum for announcements and questions about tools and software.
 #16984  by Peter Kleissner
 Mon Dec 03, 2012 1:10 am
Latest updates:
- added Conficker A and B domains to the blacklist
- Pimped the blocklist a little (added for example latest UrlZone domains)
- Now monitoring Sinowal!

Data sharing (e.g. for nex, but also other 3rd parties) should also be available soon. Just had no one yet for writing a script to export the data.
 #17011  by hanan
 Tue Dec 04, 2012 9:39 am
How do you know the amount of infections? Is it by collecting DNS queries or by registering for yourself one of the domains from the DGA?
 #17013  by Peter Kleissner
 Tue Dec 04, 2012 10:12 am
Yup, I have shitloads of domains, classical sinkholing. But there's more behind the entire Virus Tracker system, I am also monitoring all the C&Cs, generating automatically the blocklist etc.

Right now I am starting to implement at least some protocols of the banking trojans in order to get the latest stuff out of the real C&Cs and provide it to the security industry.
 #17014  by Buster_BSA
 Tue Dec 04, 2012 10:32 am
Nice work, Peter!

If you do not mind I would like to use your list in Buster Sandbox Analyzer.
 #17022  by Peter Kleissner
 Tue Dec 04, 2012 10:39 pm
Buster_BSA wrote: Nice work, Peter!

If you do not mind I would like to use your list in Buster Sandbox Analyzer.
Sure, feel free to use it!
 #17023  by Buster_BSA
 Tue Dec 04, 2012 10:50 pm
Peter Kleissner wrote: Sure, feel free to use it!
Thank you very much!

Next release will be using it.
 #18317  by Peter Kleissner
 Sat Feb 23, 2013 1:40 pm
There have been some new features introduced on Virus Tracker. One is now a free domain classifying service; it allows you to check domains (if they are parked/expired, suspended, sinkhole, active and so on) and outputs the result as CSV. You can find more information here: http://blog.virustracker.info/?p=47

Other changes were:
- adding more botnets to both showing infection statistics
- adding more botnets to the blocklist
- catching all mails being sent to @rbnnetwork.com, generating a summary xlsx