Blog for hpHosts, and whatever else I feel like writing about ....

Wednesday, 23 May 2012

File hosts + Malware

Over the years, we've seen file hosting being abused to house malicious payloads that are either downloaded by a "dropper", or are used in the likes of drive-by attacks.

One of the most common ones abused today, is of course, However, over the past 24 months, I formed a fantastic relationship with them that has proven extremely effective in getting the malware removed extremely quickly. One of the methods criminals such as those at, are using to get past this, is by setting up their own dedicated file hosts. Just some off the top of my head include;

I've been successful in getting a few suspended, and others not so successful (yet), thanks in part, to lack of co-operation from the likes of eNom, NameCheap and CloudFlare etc. Some that have been suspended, such as, have re-appeared elsewhere and re-suspended, and as of 24-48 hours ago, re-appeared yet again.

The latest to be suspended, is, which kept allowing and encouraging, malicious files to be uploaded (not surprising, the owner of the site is an active member of a blackhat forum).

The blackhat scanners these use to check if their file is detected, includes;

If you've not already got a block on the above file hosts, I'd strongly recommend you do so. Other sites they're using, aside from, include;


Mike Peters said...


Love what you're doing with HPHosts!

I represent

We have a strict policy against users abusing our service to distribute malware, adware, viruses and copyrighted material.

Abuse complaints are handled immediately and the offending users are blocked for eternity.

We are in this for the long-haul.

Feel free to reach out to me directly or use the abuse link on our homepage to report abuse.

FileToLink is powered by real people, with a single goal - to create the world's best file sharing service.

Recently, we've begun taking extreme measures to ensure all uploads and downloads are done by registered users. Over the next few weeks, we will continue these efforts, to a point where we have documentation for every file exchange - requiring users to register before they can use our service.

Thanks again for your cooperation and feel free to reach out to us anytime!

MysteryFCM said...

Good to hear from you, and thank you.

Thank you also for indirectly bringing my attention to the horrid formatting Blogspot decided the post should be in.

Mike Peters said...


It's not that bad. It's readable.

Although I have to say we are feeling a lot of love to Tumblr lately.

If you're considering switching, definitely check them out!