This page is the archive of takedown projects initiated and coordinated directly by the MalwareMustDie team (MMD) across several of its threat research branches to take down malware infrastructure (we call this project "Tango Down"). The data is sorted by date and ranges from the early days of MMD (2012) to 2016. The project is led by @esachin, who remains active in takedown coordination.

From mid-2016 to mid-2017 the projects escalated beyond our resources and we could not record them properly, but the takedown coordination was still carried out after each analysis post was published; some of those announcements were posted on the private Twitter account of @malwaremustdie. So far the total number of bad infrastructure items taken down (suspended, locked, cleaned up, etc.) exceeds 30,000 bad domains, including IP addresses.

Because of the high load of this operation, the coordination scheme changed in 2017: the projects now continue as escalations into the incident response workflow, passed as IOC/STIX2 for the intake process of the affected Abuse, SIRT/CSIRT or CERT teams of the related internet services. We focus on the analysis report to supply the technical evidence for those escalations.

Below is the archive of the takedown projects recorded in the early stage, about 8,000+ takedowns, before the numbers escalated sharply:
| Date | Takedown Amount | Description |
|------|-----------------|-------------|
| 20121225 LINK | 194 | Multiple verdict malware domains takedown |
| 20121226 LINK | 140 | Blackhole EK domains takedown |
| 20130325 LINK | 22 | Sweet Orange EK domains takedown |
| 20130326 LINK | 240 | Sofos EK domains takedown |
| 20130629 LINK | 61 | Blackhole EK ("closest") domains takedown |
| 20131105 LINK | 10 domains, 54 IP | Necurs campaign Cridex+Fareit ("*.RU:8080/*/column .php") infrastructure takedown |
| 20130725 LINK | 97 | Kelihos botnet C2 domains takedown |
| 20130808 LINK | 113 | Kelihos botnet C2 domains takedown |
| 20131113 LINK | 138 | CryptoLocker ransomware domains takedown |
| 20131203 LINK | 2989 | Kelihos botnet C2 domains takedown |
| 20140915 LINK | 85 | Various China ELF malware C2 takedown |
| 20160805 LINK | 3917 | Neutrino+Angler EK (maykoe@list .ru) domains takedown |