Non-Commercial Block Lists

Protection Against Malware and Ransomware

A Community Since 2005

The Malware Patrol project began over a decade ago as a group sharing malicious URLs. This community, more active than ever, continues to collect, analyze, and monitor malware. We are proud to provide a platform and resources to facilitate the collection and distribution of our community’s data. It is our belief that information sharing is one of the most effective ways to fight against cyber threats.

Our data is available in the form of URL block lists. For ease of use, we have formatted our lists to be compatible with the most common open source DNS, firewall and anti-virus platforms and software.

In the spirit of open source community, we kindly request that our users share suspect emails and URLs by sending them to You can also set up a spam trap. All submissions are verified hourly and any new malicious URLs will be immediately added to our block lists to protect our users. Your single submission could help protect thousands!


If you plan to use our data to protect your customers, a commercial license is required.

Free Block Lists

Malware and ransomware URL block lists updated EVERY 72 HOURS. Available in the formats listed below. This data is for non-commercial use by any individual, group or organization, public or private.

Premium Block Lists

Malware and ransomware URL block lists updated EVERY HOUR. Available in more formats than free version. Non-commercial use only. The subscription fees help us maintain our infrastructure. Options below.

Educational Organizations

Educational organizations and regular contributors qualify for free subscriptions to our Premium Block Lists for the protection of their internal users and networks. Request your account here.


Updated Every 72 Hours
  • BIND like DNS Servers block list
  • Carbon Black 4.1+ domains IOCs
  • Carbon Black 4.1+ MD5s IOCs
  • ClamAV Virus DB (basic) block list
  • ClamAV Virus DB (ext) block list
  • DansGuardian block list
  • Firekeeper 0.2.9 or newer block list
  • Hermes SEG
  • Hosts file – block list
  • Hosts file – block list
  • Hosts file – block list
  • Hosts file – MacOS pre OS-X block list
  • MailWasher block list
  • MaraDNS – CVS2 block list
  • Microsoft DNS Server block list
  • Mozilla cookie filtering block list
  • Mozilla Firefox AdBlock block list
  • pfBlockerNG
  • pfSense
  • Postfix MTA block list
  • SmoothWall block list
  • SpamAssassin block list
  • Squid Web Proxy ACL block list
  • SquidGuard block list
  • Suricata IDS / IPS block list
  • Symantec Security for SMTP block list
  • Symantec WebSecurity block list
  • Instant access
  • Automatically downloadable (via scripts)
  • Malware Patrol Download script available
  • Password protected login
  • MD5 hashes (to verify downloaded integrity)
  • Regular block lists
  • Aggressive block lists
  • Non-commercial usage license
  • Commercial usage license