## hosts-blocklists
## blocklists-cyble

## https://blog.cyble.com/

# https://blog.cyble.com/2022/12/23/new-youtube-bots-malware-spotted-stealing-users-sensitive-information/
e-csc.gov.co.in
e-cscgov.co.in
e-cscgov.com
ecscgov.co.in

# https://blog.cyble.com/2022/12/16/sophisticated-darktortilla-malware-spreading-via-phishing-sites/
atomm.com.br
Cicsom.com
Gnammarly.com

# https://blog.cyble.com/2022/12/09/threat-actors-targeting-fans-amid-fifa-world-cup-fever/
claim-fifa.live
fifa-uj.top
football-blnance.com
kora442.com
playskeep.com

# https://blog.cyble.com/2022/12/01/ducklogs-new-malware-strain-spotted-in-the-wild/
Ducklogs.com
ilovetheducks.ru
lovableduck.ru
quackquack.ru
smallduck.ru

# https://blog.cyble.com/2022/11/30/fraudulent-digital-lending-andriod-app-steals-users-sensitive-data/
api.loanbee.tech

# https://blog.cyble.com/2022/11/30/redline-stealer-being-distributed-via-fake-express-vpn-sites/
express-vpns.biz
express-vpns.cloud
express-vpns.fun
express-vpns.online
express-vpns.pro
express-vpns.xyz

# https://blog.cyble.com/2022/11/23/fake-msi-afterburner-sites-delivering-coin-miner/
matrizauto.net

# https://blog.cyble.com/2022/11/22/over-2-million-users-affected-with-browser-hijackers/
go.searchsecurer.com
internet-start.net
rkn.gov.ru
searchsecurer.com
smartwebfinder.com
ultrasurfing.com

# https://blog.cyble.com/2022/11/15/phishing-campaign-targeting-indonesian-bri-bank-using-sms-stealer/
brimo-login-id.apk-ind.com
brimo-login-ind.apk-online.com
id-bri-login.apk-online.com
id-login-brimo.apk-ind.com
id-login-brimo.apk-online.com
ionicio.com
login-bri-ib.apk-ind.com
login-brimo-tarif.com
skematrf-login.apk-ind.com

# https://blog.cyble.com/2022/11/09/emotet-returns-targeting-users-worldwide/
bayernbadabum.com
copayucatan.com.mx
cursosweb.com.br
db.rikaz.tech
designelis.com.br

# https://blog.cyble.com/2022/11/02/new-laplas-clipper-distributed-by-smokeloader/
clipper.guru

# https://blog.cyble.com/2022/10/27/drinik-malware-returns-with-advanced-capabilities-targeting-indian-taxpayers/
gia.3utilities.com

# https://blog.cyble.com/2022/10/25/dual-malware-infection-targets-cryptocurrency-users/
s457516.ha003.t.justns.ru

# https://blog.cyble.com/2022/10/18/ermac-android-malware-increasingly-active/
apk-combos.com
app-vidmate.com
app-vidmates.com
app-vidmates.link
m-apkpures.com
paltpal-apk.com
payce-google.com
payse-google.com
snacpchat-apk.com
vidmates-app.com

# https://blog.cyble.com/2022/10/14/online-file-converter-phishing-page-spreads-redline-stealer/
convertigoto.net

# https://blog.cyble.com/2022/10/13/mitsu-stealer-distributed-via-anydesk-phishing-site/
anydesk.ml

# https://blog.cyble.com/2022/10/11/massive-tech-support-scam-exposed/
0022winsupportonline.xyz
0044winsupportonline.xyz
0066winsupportonline.xyz
0077winsupportonline.xyz
0088winsupportonline.xyz
2ioshelotheisbsheibsios2.xyz
3iosheloproducttuoebsusios3.xyz
8winsupportinonwgrtw8.xyz
9winsuuportoiblineghswin9.xyz
10winsuuportoiblineghswin10.xyz
2424ioshelponlinehekowios2424.xyz
2727iossupportonlingegetios2727.xyz
2929ioshelponlineios2929.xyz
3030winsupportonline3030.xyz
3131winsupportolnlineghets3131.xyz
3232winsupportolnlineghets3232.xyz
3333winsupoortonlineget3333.xyz
3434winsupoortonlineget3434.xyz
4040iossupportonlineios4040.xyz
4242iossupportonlineios4242.xyz
4343iossupportonlineios4343.xyz
4444winsupportonlinehelp.xyz
4545winsupportonlinehelp.xyz
4646winsupportonlinehelp.xyz
4747winsupportonlineherk.xyz
4848winsupportonlineherk.xyz
4949winsupportoninehelp.xyz
5050winsupportoninehelp.xyz
5151winsupportonlineget.xyz
5252winsupportonlineget.xyz
5353winsupportonlineget.xyz
5454winsuppottonline.xyz
5555winsuppottonline.xyz
5656winsuppottonline.xyz
5858winsupportonline.xyz
5959winsupportonline.xyz
6161winsupportonline.xyz
6262winsupportonline.xyz
6363winsupportonline.xyz
6464winsupportonline.xyz
7070winsupportonline.xyz
7272winsupportonline.xyz
7373winsupportonline.xyz
7474winsupportonline.xyz
7575winsupportonline.xyz
7676winsupportonline.xyz
7878winsupportonline.xyz
8080winsupportonlinee.xyz

# https://blog.cyble.com/2022/10/07/modified-fivem-spoofer-targeting-gamers/
cloud-spoofer.xyz

# https://blog.cyble.com/2022/07/21/amextroll-android-banking-trojan-spotted-in-the-wild/
infoapp.pro

# https://blog.cyble.com/2022/07/19/new-malware-campaign-targets-russia/
vtbsu.club

# https://blog.cyble.com/2022/07/13/airavat-malware-targeting-android-users/
blindajeseguro.online
dragomitch.com
jhon-30119-default-rtdb.firebaseio.com

# https://blog.cyble.com/2022/07/07/nomercy-stealer-adding-new-features/
six-clowns-sing-103-119-240-166.loca.lt

# https://blog.cyble.com/2022/07/01/xloader-returns-with-new-infection-technique/
htmlpreview.github.io@oshi.at

# https://blog.cyble.com/2022/06/29/bahamut-android-malware-returns-with-new-spying-capabilities/
gkcx6ye4t4zafw8ju2xdr5na5.de
iminglechat.de
securechatnow.com

# https://blog.cyble.com/2022/06/23/matanbuchus-loader-resurfaces/
extic.icu
telemetrysystemcollection.com

# https://blog.cyble.com/2022/06/22/quantum-software-lnk-file-based-builders-growing-in-popularity/
quantum-software.online

# https://blog.cyble.com/2022/06/13/hydra-android-malware-distributed-via-play-store/
allupdatesecuretynow.com
servservfreeupdate.top
wayneconnectingservice.hk

# https://blog.cyble.com/2022/06/06/android-malware-distributed-via-smishing/
bbva.movil-es.icu
clientesbbvalock.com
privasol.xyz

# https://blog.cyble.com/2022/06/03/cve-2022-30190-actively-exploited-in-the-wild/
seller-notification.live

https://blog.cyble.com/2022/05/31/new-zero-day-exploit-spotted-in-the-wild/
xmlformats.com

# https://blog.cyble.com/2022/05/25/ermac-back-in-action/
apkphoto.co.nz
bolt-food.site
boltfood.site

# https://blog.cyble.com/2022/04/27/emotet-returns-with-new-ttps-and-delivers-lnk-files-to-its-victims/
cipro.mx
colegiounamuno.es
creemo.pl
demo34.ckg.hk
filmmogzivota.rs
focusmedica.in

# https://blog.cyble.com/2022/04/27/dissecting-saintstealer/
f0591243.xsph.ru

# https://blog.cyble.com/2022/04/22/malicious-app-targets-turkish-ministry-of-justice/
sanatatolyesii.com

# https://blog.cyble.com/2022/04/19/fake-metamask-app-steals-cryptocurrency/
Metamask-cn.win
matemask.bid
matemask.men
matemask.lol
matemask.kim
Metamask-cn.club
matemask.tel
Metamask.lawyer
Metamask-cn.asia
Metamask.engineer
matemask.cool
Metamaskn.com

# https://blog.cyble.com/2022/04/05/inside-lightning-stealer/
panelss.xyz

# https://blog.cyble.com/2022/03/31/phishing-pages-used-for-malware-delivery/
srqc.online

# https://blog.cyble.com/2022/03/24/coper-banking-trojan/
s22231232fdnsjds.top
s32231232fdnsjds.top
s42231232fdnsjds.top

# https://blog.cyble.com/2022/03/11/ongoing-russia-ukraine-warfare-significant-cyber-incidents/
gov-ua.net
vuxner.com

# https://blog.cyble.com/2022/02/26/emotet-malware-back-in-action/
ajmotorsshop.com
akhrailway.com
beta2.emeritus.org
cmbavocat.fr
diyabip.com
foxofeli.com
idvlab.com.br
institutionsevigne.org
karmapedia.com
moveconnects.com
msubrahm.com
remedy.eventmasti.com
themillionairesweb.com

# https://blog.cyble.com/2022/02/25/vultur-banking-trojan-spreading-via-fake-google-play-store-app/
letsbeapornostar.club
privacyandroidapp.club

# https://blog.cyble.com/2022/02/18/new-sharkbot-variant-discovered/
mnbvakjjouxir0zkzmd.xyz

# https://blog.cyble.com/2022/02/11/deep-dive-analysis-caprarat/
android.viral91.xyz

# https://blog.cyble.com/2021/12/27/spyware-targeting-customers-of-top-indian-banks/
datasmsalluser.in
testchat8564.herokuapp.com
testdata112.orgfree.com
unsaleable-curls.000webhostapp.com

# https://blog.cyble.com/2021/12/23/malicious-app-targets-major-brazilian-bank-itau-unibanco/
acesso.sincronizadorltoken.com 

# https://blog.cyble.com/2021/12/13/log4j-rce-0-day-vulnerability-in-java-actively-exploited/
51afd2f8.probe001.log4j.leakix.net
69.164.215.204-A-9200.774dda06.dataastatistics.com
139.162.37.91-A-9200.774dda06.dataastatistics.com
159.65.193.91-A-9200.774dda06.dataastatistics.com
185.56.88.86-A-9200.774dda06.dataastatistics.com
194.195.113.8-A-9200.774dda06.dataastatistics.com
998bb3b3.probe001.log4j.leakix.net
f0d609e4.probe001.log4j.leakix.net

# https://blog.cyble.com/2021/12/06/apt37-using-a-new-android-spyware-chinotto/
haeundaejugong.com

# https://blog.cyble.com/2021/12/01/banking-trojan-targets-banking-users-in-malaysia/
csapks.online
redlabapi.online

# https://blog.cyble.com/2021/11/26/new-telegram-based-malware-aberebot-2-0-targets-social-media-cryptocurrency-applications-and-213-banks-in-22-countries/
itts.hr

# https://blog.cyble.com/2021/11/12/new-joker-variant-utilizes-multi-stage-payloads-technique/
10-9mopub.oss-ap-southeast-6.aliyuncs.com
q60uwsyk0p.s3.ca-central-1.amazonaws.com
wo0.oss-accelerate.aliyuncs.com

# https://blog.cyble.com/2021/11/11/gravity-rat-malware-returns-as-a-chat-application/
api1.androidsdkstream.com

# https://blog.cyble.com/2021/10/29/a-variant-of-oscorp-masquerades-as-flash-player-app-targeting-global-users/
leevinsbots.xyz
ttneiv.com

# https://blog.cyble.com/2021/10/28/new-variant-of-fakecop-targeting-users-from-japan/
210902.top

# https://blog.cyble.com/2021/10/26/a-deep-dive-analysis-of-azorult-stealer/
mantata.ac.ug
marcyovcx.ru
marketprice.pk
matisaas.ac.ug
milsom.ac.ug
playwell.ug	​
scarsa.ac.ug
wellplayed.ug

# https://blog.cyble.com/2021/10/22/fake-voicemail-app-built-through-xamarin-platform-spreads-spyware/
0pcnerd0-31594.portmap.host

# https://blog.cyble.com/2021/10/11/flubot-v4-9-spreading-across-new-zealand/
asfnfpfibhtrafy.ru
diekqueqmlpmofa.cn
gsvjcagswqsaosn.ru
kkwpifwkkxilltk.ru
revgmkegctflpes.ru
yoquqwxxjttsmuh.ru

# https://blog.cyble.com/2021/10/05/fake-balochi-shayri-app-masquerading-as-legitimate-application-appears-to-be-affecting-ethnic-balochi-users/
173.249.50.34-shareboxs.net

# https://blog.cyble.com/2021/09/30/a-new-variant-of-hydra-banking-trojan-targeting-european-banking-users/
hastztafc66.xyz	

# https://blog.cyble.com/2021/09/23/medusa-malware-spreading-via-fake-canadian-government-covid-19-portal/
covid19-ca.link
sock.godforgiveuss.live

# https://blog.cyble.com/2021/09/15/apt-c-23-using-new-variant-of-android-spyware-to-target-users-in-the-middle-east/
cecilia-gilbert.com
david-gardiner.website
javan-demsky.website
linda-gaytan.website

# https://blog.cyble.com/2021/09/14/apt-group-targets-indian-defense-officials-through-enhanced-ttps/
secure256.net

# https://blog.cyble.com/2021/09/14/deep-dive-analysis-of-s-o-v-a-android-banking-trojan/
a0545193.xsph.ru
l8j1nsk3j5h1msal973nk37.fun 

# https://blog.cyble.com/2021/09/09/flubot-variant-masquerading-as-the-default-android-voicemail-app/
asfnfpfibhtrafy.ru
kkwpifwkkxilltk.ru
poceeubeciuqyto.ru

# https://blog.cyble.com/2021/09/07/fake-income-tax-application-targets-indian-taxpayers/
jsig.quicksytes.com

# https://blog.cyble.com/2021/08/12/a-deep-dive-analysis-of-redline-stealer-malware/
newlife957.duckdns.org

# https://blog.cyble.com/2021/08/11/blackmatter-ransomware-attack-impacting-multiple-financial-institutions/
mojobiden.com
paymenthacks.com

# https://blog.cyble.com/2021/08/10/bahamut-threat-group-targeting-users-through-phishing-campaign/
h94xnghlldx6a862moj3.de	

# https://blog.cyble.com/2021/07/28/a-deep-dive-analysis-of-a-fake-coronapp-targeting-android-users-from-colombia/
androidmedallo.duckdns.org

# https://blog.cyble.com/2021/07/21/fake-ad-blockers-targeting-android-devices-through-adware-campaign/
eftingepar.biz 	

# https://blog.cyble.com/2021/07/09/android-app-disguised-as-a-qr-scanner-spreads-joker-variant-trojan/
onemoretime.oss-us-east-1.aliyuncs.com

# https://blog.cyble.com/2021/06/21/djvu-malware-of-stop-ransomware-family-back-with-new-variant/
asvb.top 

# https://blog.cyble.com/2021/06/03/kimsuky-apt-group-distributes-fake-security-app-disguised-as-kisa-security-program/
app.at-me.ml

# https://blog.cyble.com/2021/05/27/android-trojan-malware-disguised-as-syrian-e-gov-android-app/fd1aac87399ad22234c503d8adb2ae9f0d950b6edf4456b1515a30100b5656a7 	SHA256   
internetwideband.com

# https://blog.cyble.com/2021/05/12/darkside-attack-forces-the-largest-fuel-pipeline-in-the-u-s-to-shutdown/
catsdegree.com
temisleyes.com

# https://blog.cyble.com/2021/05/03/android-sms-worm-impersonating-covid-19-vaccine-registration-app-spreads-via-text-messages/
awsdus.api.p3insight.de

https://blog.cyble.com/2021/05/02/mobile-malware-app-anubis-strikes-again-continues-to-lure-users-disguised-as-a-fake-antivirus/
darkweb.bitcoingen.store

# https://blog.cyble.com/2021/02/17/confucius-apt-android-spyware-targets-pakistani-and-other-south-asian-regions/
chatk.goldenbirdcoin.com
cucuchat.com
data10.000webhostapp.com
global134.000webhostapp.com
mlservices.online
msoffice.user-assist.site
pieupdate.online
samaatv.online
sunshinereal.000webhostapp.com
tea-time.link
wixten.000webhostapp.com
wordupdate.com

# https://blog.cyble.com/2021/02/15/ngrok-platform-abused-by-hackers-to-deliver-a-new-wave-of-phishing-attacks/
3b6859c00864.ngrok.io
4a826717681a.ngrok.io
4f421deb219c.ngrok.io
7f37e07fc0f9.ngrok.io
8c8a73773aef.ngrok.io
8e3d3f5d9ca3.ngrok.io
9be055fae612.ngrok.io
9d448ee31851.ngrok.io
64bdaf63996c.ngrok.io
98de9202cf1d.ngrok.io
232fa25e1abe.ngrok.io
2106ef42b27b.ngrok.io
b36a3cf2dc0f.ngrok.io
b96bd67151a.ngrok.io
bd69091.ngrok.io
c1df5c5c340e.ngrok.io
dcf4820d88b8.ngrok.io
ed23321e00e2.ngrok.io
f7e82c8b73a6.ngrok.io
fc6cbeaa8cbb.ngrok.io
fd4a5b0113b7.ngrok.io
fe7544eeda51.ngrok.io

# https://blog.cyble.com/2021/01/12/earth-wendigo-hackers-exploit-emails-through-javascript-backdoor/
admin.googletwtw.com
admin.mail2000tw.com
anybodyopenfind.com
bf.googletwtw.com
bf.mail2000tw.com
googletwtw.com
mail2000tw.com
support.anybodyopenfind.com
supports.anybodyopenfind.com
supportss.anybodyopenfind.com
ws.googletwtw.com

# https://blog.cyble.com/2020/12/31/strongpity-apt-extends-global-reach-with-new-infrastructure/
hybirdcloudreportingsoftware.com
transferprotocolpolicy.com
updserv-east-cdn3.com
uppertrainingtool.com

# https://blog.cyble.com/2020/12/18/how-hackers-targeted-the-covid-19-vaccine-supply-chain/
roud3servers.tk

# https://blog.cyble.com/2020/11/17/oceanlotus-continues-with-its-cyber-espionage-operations/
summerevent.webhop.net

# https://blog.cyble.com/2020/10/19/gamaredon-apt-targeting-ukraine-with-new-variants/
moris.hopto.org
sakidus.myftp.org
srv159232.hoster-test.ru
srv166997.hoster-test.ru

# 25