Archive for January, 2008

Stormy Skies – Clearing?

January 9, 2008 by Jose Nazario

Seems like NIC.RU has been cleaning house a bit. The recent Storm worm domains appear to have all been cleared up. This domain appears to be dead in both the whois records – it says the domain is locked – and DNS databases. UPDATED a short while after it was originally posted to note that [...]


ClamAV Sigs for Storm Christmas Campaign Lures

January 3, 2008 by Jose Nazario

I took the list of domain names seen in the new Peacomm lure runs – the Christmas and New Year’s campaign – and wrote a ClamAV signature generator for them. This is based on the signature generation techniques described by the ClamAV docs. Basically what it does is look for the “newline” “storm URL” pattern [...]


Active Storm Worm Domains – Christmas, New Year’s Campaign

January 2, 2008 by Jose Nazario

Based on a bunch of sources:

familypostcards2008.com, freshcards2008.com, happy2008toyou.com, happycards2008.com, happysantacards.com, hellosanta2008.com, hohoho2008.com, merrychristmasdude.com, newyearcards2008.com, newyearwithlove.com, parentscards.com, postcards-2008.com, santapcards.com, santawishes2008.com, uhavepostcard.com

All of these are worth blocking by DNS methods (become the local SOA, NXDOMAIN them) and looking for in your emails (look for a simple URL with those domain names near the end of [...]
