# Copyright (c) 2014-2020 Maltrail developers (https://github.com/stamparm/maltrail/)
# See the file 'LICENSE' for copying permission

# Reference: https://news.sophos.com/en-us/2018/12/06/android-clickfraud-fake-iphone/

mobbt.com
act.mobbt.com
ads.mobbt.com
sdk.mobbt.com
exevents.nativeone.co

# Reference: https://www.virustotal.com/gui/file/ec54dbb4c55b92df2113fb07ef1486a39bb5c752272230bb774018573f537132/detection

bearclod.com

# Reference: https://github.com/advanced-threat-research/IOCs/blob/master/2013/2013-04-09-one-click-fraud-variant-on-google-play-in-japan-steals-user-data/one-click-fraud-variant-on-google-play-in-japan-steals-user-data.csv

/?neosp_nontop_eropne01

# Reference: https://github.com/advanced-threat-research/IOCs/blob/master/2013/2013-07-31-japanese-one-click-scammers-abuse-mobile-traffic-exchange-service/japanese-one-click-scammers-abuse-mobile-traffic-exchange-service.csv

porn12345.com

# Reference: https://github.com/advanced-threat-research/IOCs/blob/master/2016/2016-04-29-fake-android-update-delivers-sms-click-fraud-europe/fake-android-update-delivers-sms-click-fraud-europe.csv

6-androdid.ru
alfabrong.eu
bugstracking.xyz
bugtracking.biz
francia-apk.ru
freeupgrade6.ru
innotion.pw
postway12.ru
slidetracking.ru
traff16.ru
traffic2015.ru
update-free-andr-6.ru

# Reference: https://github.com/advanced-threat-research/IOCs/blob/master/2016/2016-05-04-android-malware-clicker-dgen-found-google-play/android-malware-clicker-dgen-found-google-play.csv

update-sys-android.com

# Reference: https://github.com/advanced-threat-research/IOCs/blob/master/2017/2017-09-12-android-click-fraud-app-repurposed-ddos-botnet/android-click-fraud-app-repurposed-ddos-botnet.csv

ybosrcqo.us

# Reference: https://news.drweb.com/show/?lng=en&i=13464&c=14
# Reference: https://www.virustotal.com/gui/file/8809ea2387e140002654da141745baf615964452c6f2e4fee6fa9c7be1be745f/detection
# Reference: https://www.virustotal.com/gui/file/8a87f4ddb0b22c5f350029a1fb999ca058165eed05fa9dc79ab9dad9a6190e69/detection

161.117.8.243:8998
http://52.221.78.239