MALWARE DOMAINS HOSTED BY GODADDY
All of these domains were extracted from Malware that was put on my computers as a victim of Robert "Lee" Suddeth's many targeted attacks. The are from an actual altered local hosts file and point to his digital assets,
Possible reasons to change the hosts file
These predefined entries in the hosts file can exist for several reasons:
- Blocking: some people (who are oftentimes unaware that hosts files can be installed by their security programs) use them to block unwanted sites by connecting malicious or otherwise unwanted domains to the IPs 127.0.0.1 or 0.0.0.0 that both point at the requesting system itself, so in effect there will be no outgoing traffic for these requests.
- Pointing: for example, system administrators use the hosts file to map intranet addresses.
Malware uses it for their own reasons, where the two most common ones are:
- To block detection by security software: for example, by blocking the traffic to all the download or update servers of the most well-known security vendors.
- To redirect traffic to servers of their choice: for example, by intercepting traffic to advertisement servers and replacing the advertisements with their own.