The Latest in IT Security

Dynamic DNS sites you might want to block II


These Dynamic DNS domains belong to a mystery outfit called, and several of them seem to be in the process of being abused by third parties (for example). The registrations seem to be anonymised, some poking around at the recent WHOIS history of one of these domains ( reveals ownership details of:

      Manager, Domain  [email protected]
      Invertebrate ISP
      PO Box 405
      Glenmont, New York 12077
      United States

More digging at comes up with a real name:

      Wilde, Tim  [redacted]
      Glenmont, New York 12077
      United States
      [redacted]      Fax -- 

Anyway, Mr Wilde is  not connected with the malicious activity going on with these domains, but he is providing a service that is being abused. Interestingly he founded DynDNS before selling it on.

Dynamic DNS services can be useful, but my personal recommendation is that you should consider blocking them as the bad guys are very good at abusing them. Overall, these are not as bad as the ones run by (see here).

There are two versions of this list, one links through to the Google
Safe Browsing diagnostics report in case you want to review them on a
case-by-case basis before blocking them (yellow highlighted ones have some malware, red
highlighted ones are blocked by Google). The second one is a plain list
of everything in case you want to block them completely. [report] [report] [report] [report] [report] [report] [report] [report] [report] [report] [report] [report] [report] [report] [report] [report] [report] [report] [report] [report] [report] [report] [report] [report] [report] [report] [report]

Plain list for copy-and-pasting:

Leave a reply


MONDAY, MARCH 19, 2018



Latest Comments

Social Networks