Tracker

Ransomware Tracker to distinguishes between the following threats:

Each entry in Ransomware Tracker is tagged to a threat and a malware. Currently, the following Ransomware families are tracked:

New submissions for Ransomware Tracker are warmly welcome. You can send new additions to rt-RintANel@abuse.ch (remove all letters in uppercase). Malware binaries that you suspect to be associated with a certain Ransomware family can be send to rt-malwSOareM@abuse.ch (remove all letters in uppercase) for analysis.

Search

You can search for a host or URL using the following search form:

Set a filter for the list below

Below is a list of Ransomware botnet C&C servers tracked by Ransomware Tracker. You have the possibility to filter the list below using certain pre-defined filters shown below.

General filters: Remove filter (Show all) | Online hosts
Filter by threat: Botnet C&Cs | Payment Sites | Distribution Sites
Filter by malware: TeslaCrypt | CryptoWall | TorrentLocker | PadCrypt | Locky | CTB-Locker | FAKBEN | PayCrypt | DMALocker | Cerber

Dateadded (UTC)ThreatMalwareHost (?Domain name or IP address used by the Ransomware. The leading dots (Red, Green, Grey) indicate whether the Host is active or not.

Red = Online
Green = Offline
Grey = Unknown
)
Domain Registrar (?In some cases Ransomware Tracker is not able to determine the sponsoring Registrar of a domain name. Thats either because the Registry does not reveal this information in the whois or because the Registry doesn't offer a whois service.)IP address (ASN, Country)
2016-03-16 10:21Botnet C&CCTB-Locker
beedqybvjehzlud5.tor2web.org
Tucows Inc.194.150.168.70 (- Germany)
2016-03-01 07:34Botnet C&CCTB-Locker
zsn5qtrgfpu4tmpg.tor2web.org
Tucows Inc.194.150.168.70 (- Germany)
2016-02-27 07:47Botnet C&CCTB-Locker
zsn5qtrgfpu4tmpg.onion.cab
InterNetworX Ltd. & Co. KG85.25.214.50 (- Germany)
2016-02-25 07:06Botnet C&CCTB-Locker
zsn5qtrgfpu4tmpg.tor2web.fi
194.150.168.74 (- Germany)
2016-02-20 15:29Botnet C&CCTB-Locker
zsn5qtrgfpu4tmpg.onion.lt
Gandi Sas82.94.251.220 (- Netherlands)
2016-02-20 15:29Botnet C&CCTB-Locker
zsn5qtrgfpu4tmpg.onion.gq
192.42.118.104 (- Netherlands)

# of rows displayed: 6
# of entries in database: 9'210