[BLOCK] joinmassive.com

[r2fo]

joinmassive.com
api.joinmassive.com
geo-network.joinmassive.com
network.joinmassive.com

Why should these domain(s) be blocked?

Massive offers monetization SDK’s to developers to put in their Android app and Windows programs. This SDK will use the user’s internet connection as a proxy, in the past it used to mine cryptocurrency on the user’s pc too.

It seems like they use several subdomains under the joinmassive.com domain for C&C, but just to be safe I think it’s better to block *.joinmassive.com.

Their site advertises these services: https://joinmassive.com

This video features a deep dive into a program which uses the Massive SDK: https://youtu.be/_Q_F04Wd23k

[StevenBlack]

Thank you for this @r2fo.

We certainly won't list the root domain unless the root domain is directly used for conveying adware, tracking, malware, or worse. We aren't in the business of judging companies, and de-platforming those companies. We just try to block their heinous vectors.

Also, hosts files don't do wild cards.

What we need are specific domain names that are used to ferry the crap.

[r2fo]

Thank you for this @r2fo.

We certainly won't list the root domain unless the root domain is directly used for conveying adware, tracking, malware, or worse. We aren't in the business of judging companies, and de-platforming those companies. We just try to block their heinous vectors.

Also, hosts files don't do wild cards.

What we need are specific domain names that are used to ferry the crap.

It seems like the SDK uses these domains for reporting back to Massive and receiving tasks

api.joinmassive.com
geo-network.joinmassive.com
network.joinmassive.com