Stay away from this address like the Plague

[Jack-Sparr0w]

ipsum/levels at master · stamparm/ipsum

Daily feed of bad IPs (with blacklist hit scores). Contribute to stamparm/ipsum development by creating an account on GitHub.

github.com

https://raw.githubusercontent.com/stamparm/ipsum/refs/heads/master/levels/1.txt

https://raw.githubusercontent.com/stamparm/ipsum/refs/heads/master/levels/3.txt

Full of Malware

I stole addresses and remade it into a clean list, No malware on my version. look at pictures below to see

https://raw.githubusercontent.com/Jack-Sparr0w-2o4/Stamparm-level-1/refs/heads/main/Filterlist

https://raw.githubusercontent.com/Jack-Sparr0w-2o4/Stamparm-level-3/refs/heads/main/Filterlist

 

[Jack-Sparr0w]

https://raw.githubusercontent.com/jumpsmm7/GeneratedAdblock/master/filter.list uses stamparm 1

https://raw.githubusercontent.com/ViktorJp/Skynet/main/filter.list uses stamparm 2

If your firewall has issues, Its mainly this guys fault. https://github.com/stamparm

Name is Miroslav Stampar

 

[dave14305]

You are upset that a malware blocking list contains IPs known to host…malware?

 

[Jack-Sparr0w]

The link itself is reported as malware. Malwarebytes reports it as malware. also had my firewall freeze up a few times until I changed it. wondering if you guys see same thing?

 

[Davidncali001]

The link itself is reported as malware. Malwarebytes reports it as malware. also had my firewall freeze up a few times until I changed it. wondering if you guys see same thing?

Malwarebytes isn’t flagging the blocklist because it’s malware. The file is just a plain text list of bad IPs collected from abuse reports. Since the list is full of addresses Malwarebytes already considers malicious, it thinks you’re dealing with something risky. In reality, the list itself is safe because you’re blocking those IPs and not connecting to them.

 

[Jumpstarter]

https://raw.githubusercontent.com/jumpsmm7/GeneratedAdblock/master/filter.list uses stamparm 1

https://raw.githubusercontent.com/ViktorJp/Skynet/main/filter.list uses stamparm 2

If your firewall has issues, Its mainly this guys fault. https://github.com/stamparm

Name is Miroslav Stampar

Yea he's been putting malware in those lists for a long time. I don't know how you are just now figuring this out.

GitHub - sqlmapproject/sqlmap: Automatic SQL injection and database takeover tool

Automatic SQL injection and database takeover tool - sqlmapproject/sqlmap

github.com

 

[Jack-Sparr0w]

Malwarebytes isn’t flagging the blocklist because it’s malware. The file is just a plain text list of bad IPs collected from abuse reports. Since the list is full of addresses Malwarebytes already considers malicious, it thinks you’re dealing with something risky. In reality, the list itself is safe because you’re blocking those IPs and not connecting to them.

I remade the list with al the addresses. not happening on my end now

 

[Jack-Sparr0w]

Just been looking into this type of attack lately. See below

Changing a single letter in a text to a character from a different language, particularly one that visually resembles the original letter, is a technique used in phishing attacks to deceive users. For example, hackers may substitute a Cyrillic "а" (which looks identical to the Latin "a") for the Roman letter "a" in a website's URL, potentially redirecting users to a malicious site that appears legitimate. This method exploits visual similarities between characters from different writing systems, such as the Latin and Cyrillic alphabets, to create deceptive web addresses. While this tactic is not directly related to leet speak, which involves substituting letters with numbers or symbols for stylistic or obfuscation purposes , both techniques aim to alter text in ways that can mislead or bypass automated filters.

 

[Jack-Sparr0w]

hospitals are having a problem with this in recent months