Beware of these Malware Downloader websites

The following websites are noted down as websites which host malicious files. The malicious files are used by cybercriminals to infect unaware internet users with malware.

205.186.183.254 ekiaioocms.gs07.gridserver.com opencandy.com
198.50.209.4 holdmyreq.co
184.168.221.57 ip-184-168-221-57.ip.secureserver.net ginaul.info
184.168.221.54 ip-184-168-221-54.ip.secureserver.net acamur.info
184.168.221.48 ip-184-168-221-48.ip.secureserver.net botois.info
184.168.221.45 ip-184-168-221-45.ip.secureserver.net retcer.info
184.168.221.44 ip-184-168-221-44.ip.secureserver.net file8desktop.com
184.168.221.40 ip-184-168-221-40.ip.secureserver.net irombi.info
184.168.221.33 ip-184-168-221-33.ip.secureserver.net salven.info
54.240.184.130 server-54-240-184-130.ams50.r.cloudfront.net d34107g20nvzuk.cloudfront.net
54.230.131.225 server-54-230-131-225.ams50.r.cloudfront.net d34107g20nvzuk.cloudfront.net
54.230.131.61 server-54-230-131-61.ams50.r.cloudfront.net d34107g20nvzuk.cloudfront.net
54.230.130.232 server-54-230-130-232.ams50.r.cloudfront.net d34107g20nvzuk.cloudfront.net
54.230.130.52 server-54-230-130-52.ams50.r.cloudfront.net d34107g20nvzuk.cloudfront.net
54.230.129.160 server-54-230-129-160.ams50.r.cloudfront.net d34107g20nvzuk.cloudfront.net
54.230.129.79 server-54-230-129-79.ams50.r.cloudfront.net d34107g20nvzuk.cloudfront.net
54.230.128.188 server-54-230-128-188.ams50.r.cloudfront.net d34107g20nvzuk.cloudfront.net
54.187.165.155 ec2-54-187-165-155.us-west-2.compute.amazonaws.com securedownload01.com
50.63.202.47 ip-50-63-202-47.ip.secureserver.net bumese.info
50.63.202.39 ip-50-63-202-39.ip.secureserver.net zaream.info
50.63.202.37 ip-50-63-202-37.ip.secureserver.net cowesl.info

The victims accidentally (are forced) download an file from one of the malware downloader websites which have been listed above, once the victim downloads and execute the malicious file, the malicious file will start performing unwanted actions on the infected device.

  • The unwanted actions can be but are not limited to:
  • providing remote access to the cybercriminal
  • locking up all the files on the device with a password (ransomware)
  • leaking personal / financial information

We strongly urge you to blacklist these domains.

CYBERCRIME online revenue