Tracker

Ransomware Tracker to distinguishes between the following threats:

Each entry in Ransomware Tracker is tagged to a threat and a malware. Currently, the following Ransomware families are tracked:

New submissions for Ransomware Tracker are warmly welcome. You can send new additions to rt-RintANel@abuse.ch (remove all letters in uppercase). Malware binaries that you suspect to be associated with a certain Ransomware family can be send to rt-malwSOareM@abuse.ch (remove all letters in uppercase) for analysis.

Search

You can search for a host or URL using the following search form:

Set a filter for the list below

Below is a list of Ransomware botnet C&C servers tracked by Ransomware Tracker. You have the possibility to filter the list below using certain pre-defined filters shown below.

General filters: Remove filter (Show all) | Online hosts
Filter by threat: Botnet C&Cs | Payment Sites | Distribution Sites
Filter by malware: TeslaCrypt | CryptoWall | TorrentLocker | PadCrypt | Locky | CTB-Locker | FAKBEN | PayCrypt | DMALocker | Cerber | Sage

Dateadded (UTC)ThreatMalwareHost (?Domain name or IP address used by the Ransomware. The leading dots (Red, Green, Grey) indicate whether the Host is active or not.

Red = Online
Green = Offline
Grey = Unknown
)
Domain Registrar (?In some cases Ransomware Tracker is not able to determine the sponsoring Registrar of a domain name. Thats either because the Registry does not reveal this information in the whois or because the Registry doesn't offer a whois service.)IP address (ASN, Country)
2016-07-12 14:35Distribution SiteLocky
richard-scissors.com
ENOM, INC.157.7.107.151 (- Japan)
2016-07-12 14:35Distribution SiteLocky
omnitask.ba
88.198.13.104 (- Germany)
2016-07-12 14:35Distribution SiteLocky
revengeofsultans.com
GODADDY.COM, LLC47.91.76.111 (- Canada)
2016-07-12 14:35Distribution SiteLocky
mphooseitutu.com
TUCOWS DOMAINS INC.197.221.10.206 (- South Africa)
2016-07-12 14:35Distribution SiteLocky
sirimba.com.br
191.252.51.33 (- Brazil)
2016-07-12 14:35Distribution SiteLocky
doisirmaosturismo-rj.com.br
186.202.153.39 (- Brazil)
2016-07-12 14:35Distribution SiteLocky
sindsul.com
TUCOWS DOMAINS INC. (n/a)
2016-07-12 14:35Distribution SiteLocky
wacker-etm.ru
RU-CENTER-RU195.208.1.106 (- Russian Federation)
2016-07-12 14:35Distribution SiteLocky
globaldveri.ru
RU-CENTER-RU195.208.0.105 (- Russian Federation)
2016-07-12 14:35Distribution SiteLocky
mywebhost.nichost.ru
RU-CENTER-RU195.208.1.123 (- Russian Federation)
2016-07-12 14:35Distribution SiteLocky
nicesound.biz
ENOM, INC. (n/a)
2016-07-12 14:35Distribution SiteLocky
heonybaby.synology.me
GoDaddy.com, LLC (n/a)
2016-07-12 14:34Distribution SiteLocky
ostrovokkrasoty.ru
RU-CENTER-RU195.208.1.106 (- Russian Federation)
2016-07-12 14:34Distribution SiteLocky
mcpf.co.za
197.221.10.206 (- South Africa)
2016-07-12 14:34Distribution SiteLocky
rigoberto.com.br
(n/a)
2016-07-12 14:34Distribution SiteLocky
hanaweb.xsrv.jp
210.188.201.42 (- Japan)
2016-07-12 14:34Distribution SiteLocky
stylespiritdubai.com
GODADDY.COM, LLC88.198.13.104 (- Germany)
2016-07-12 14:34Distribution SiteLocky
diablitos.no
46.30.213.188 (- Denmark)
2016-07-12 14:34Distribution SiteLocky
ialri.net
GODADDY.COM, LLC23.236.62.147 (- United States)
2016-07-12 14:34Distribution SiteLocky
zakagimebel.ru
RU-CENTER-RU195.208.1.106 (- Russian Federation)
2016-07-12 14:34Distribution SiteLocky
www.cristaleriadominguez.com
NOMINALIA INTERNET S.L.62.42.230.17 (- Spain)
2016-07-12 14:34Distribution SiteLocky
jsbaden.jemk.ch
217.150.253.193 (- Switzerland)
2016-07-12 14:34Distribution SiteLocky
aerosfera.ru
RU-CENTER-RU195.208.1.109 (- Russian Federation)
2016-07-12 14:34Distribution SiteLocky
maihama.2jikai-p.net
GMO INTERNET, INC. DBA ONAMAE.CO[...]157.7.144.96 (- Japan)
2016-07-12 14:34Distribution SiteLocky
choogo.net
GABIA, INC.121.125.79.171 (- Korea)
2016-07-12 14:34Distribution SiteLocky
wineroutes.ru
R01-RU77.222.56.73 (- Russian Federation)
2016-07-12 14:34Distribution SiteLocky
zoomwalls.com
GODADDY.COM, LLC50.28.32.162 (- United States)
2016-07-12 14:34Distribution SiteLocky
tvernedra.ru
RU-CENTER-RU195.208.0.16 (- Russian Federation)
2016-07-12 14:34Distribution SiteLocky
eusekkei.co.jp
203.183.200.158 (- Japan)
2016-07-12 14:33Distribution SiteLocky
valsystem.cl
NIC Chile204.93.172.128 (- United States)
2016-07-12 14:33Distribution SiteLocky
control3.com.br
192.185.209.37 (- United States)
2016-07-12 14:33Distribution SiteLocky
kveldeil.no
176.111.200.27 (- Norway)
2016-07-12 14:33Distribution SiteLocky
samaju.se
Zitcom A/S94.231.103.104 (- Denmark)
2016-07-12 14:33Distribution SiteLocky
repair-service.london
GoDaddy160.153.16.21 (- United States)
2016-07-12 14:33Distribution SiteLocky
jstudio.com.my
220.158.200.83 (- Malaysia)
2016-07-12 14:33Distribution SiteLocky
www.ital.com.mx
Akky (Una division de NIC Mexico[...]173.236.228.227 (- United States)
2016-07-12 14:33Distribution SiteLocky
zachphoto.7u.cz
REG-BANAN77.93.211.244 (- Czech Republic)
2016-07-12 14:33Distribution SiteLocky
ppf.com.pk
144.208.71.126 (- United States)
2016-07-12 14:33Distribution SiteLocky
ferozsons-labs.com
TUCOWS DOMAINS INC.144.208.71.126 (- United States)
2016-07-12 14:33Distribution SiteLocky
www.inextenso.hu
217.116.47.122 (- Hungary)
2016-07-12 10:22Payment SiteCerber
52uo5k3t73ypjije.b7mciu.top
Eranet International Limited (n/a)
2016-07-12 09:35Payment SiteCerber
pmenboeqhyrpvomq.hasterlyston.cloud
Alpnames Limited (n/a)
2016-07-12 07:53Payment SiteCerber
52uo5k3t73ypjije.hlu8yz.top
Eranet International Limited (n/a)
2016-07-12 02:33Payment SiteCerber
pmenboeqhyrpvomq.gletterstan.trade
Alpnames Limited (n/a)
2016-07-11 23:50Payment SiteCerber
52uo5k3t73ypjije.fe98iy.top
Eranet International Limited (n/a)
2016-07-11 23:38Payment SiteCerber
4kqd3hmqgptupi3p.nameuser.site
AlpNames Limited (n/a)
2016-07-11 22:33Payment SiteCerber
52uo5k3t73ypjije.dmrueo.top
Eranet International Limited (n/a)
2016-07-11 22:15Payment SiteCerber
pmenboeqhyrpvomq.azwsxe.top
Eranet International Limited (n/a)
2016-07-11 22:02Payment SiteCerber
4kqd3hmqgptupi3p.ezm0r5.top
Eranet International Limited (n/a)
2016-07-11 21:04Payment SiteCerber
4kqd3hmqgptupi3p.b7mciu.top
Eranet International Limited (n/a)
2016-07-11 17:39Payment SiteCerber
pmenboeqhyrpvomq.fm0cga.top
Eranet International Limited (n/a)
2016-07-11 15:57Payment SiteCerber
52uo5k3t73ypjije.self56.top
Eranet International Limited (n/a)
2016-07-11 15:46Payment SiteCerber
52uo5k3t73ypjije.ddwub3.top
Eranet International Limited (n/a)
2016-07-11 13:27Payment SiteCerber
27lelchgcvs2wpm7.h9ihx3.top
Eranet International Limited (n/a)
2016-07-11 13:25Payment SiteCerber
52uo5k3t73ypjije.ezm0r5.top
Eranet International Limited (n/a)
2016-07-11 13:09Botnet C&CPadCrypt
nehvc5m3fs57dyrz.onion.link
103.198.0.2 (- Singapore)
2016-07-11 11:11Payment SiteTorrentLocker
mz7oyb3v32vshcvk.tormidle.at
(n/a)
2016-07-11 08:15Payment SiteCerber
pmenboeqhyrpvomq.p8rruv.top
Eranet International Limited (n/a)
2016-07-11 06:38Payment SiteCerber
52uo5k3t73ypjije.wins4n.win
Eranet International Limited (n/a)
2016-07-11 04:50Distribution SiteTorrentLocker
siasibisaat.com
GODADDY.COM, LLC50.63.202.60 (- United States)
2016-07-11 03:31Botnet C&CLocky
eaxpifdtwsv.biz
BIZCN.COM, INC.95.46.114.97 (- Czech Republic)
2016-07-11 02:13Payment SiteCerber
27lelchgcvs2wpm7.asd3r3.top
Eranet International Limited (n/a)
2016-07-11 01:57Payment SiteCerber
pmenboeqhyrpvomq.xneyvm.top
Eranet International Limited (n/a)
2016-07-11 01:57Payment SiteCerber
52uo5k3t73ypjije.ie7t8k.top
Eranet International Limited (n/a)
2016-07-11 00:57Payment SiteCerber
pmenboeqhyrpvomq.58na23.top
Eranet International Limited (n/a)
2016-07-10 22:05Payment SiteCerber
27lelchgcvs2wpm7.fm0cga.top
Eranet International Limited (n/a)
2016-07-10 21:12Payment SiteCerber
pmenboeqhyrpvomq.self56.top
Eranet International Limited (n/a)
2016-07-10 14:05Payment SiteCerber
4kqd3hmqgptupi3p.adevf4.top
Eranet International Limited (n/a)
2016-07-10 09:31Payment SiteCerber
27lelchgcvs2wpm7.wins4n.win
Eranet International Limited (n/a)
2016-07-10 08:28Payment SiteCerber
27lelchgcvs2wpm7.xkfi59.top
Eranet International Limited (n/a)
2016-07-10 00:06Payment SiteCerber
pmenboeqhyrpvomq.cmri58.top
Eranet International Limited (n/a)
2016-07-09 03:11Payment SiteCerber
4kqd3hmqgptupi3p.wins4n.top
Eranet International Limited (n/a)
2016-07-09 01:55Payment SiteCerber
27lelchgcvs2wpm7.rt4e34.win
Eranet International Limited (n/a)
2016-07-08 13:23Distribution SiteLocky
www.johnsonfashion.com.tw
HINET52.198.26.8 (- Japan) +1 A record(s) 54.64.20.112 (AS16509, - Japan)
2016-07-08 13:23Distribution SiteLocky
expertsreunis.com
REGISTER.IT SPA81.88.57.68 (- Italy)
2016-07-08 13:23Distribution SiteLocky
advempresarial.com
GODADDY.COM, LLC69.49.115.40 (- United States)
2016-07-08 12:28Distribution SiteLocky
psiaekipa.com
ENOM, INC.94.23.89.100 (- Poland)
2016-07-08 12:00Distribution SiteLocky
sasakisummers.com
GODADDY.COM, LLC64.29.151.221 (- United States)
2016-07-08 11:30Distribution SiteLocky
hero-ny.org
DomainPeople, Inc. (n/a)
2016-07-08 10:52Distribution SiteLocky
satinfuntaboo.com
GODADDY.COM, LLC185.72.157.174 (- United States)
2016-07-08 10:05Distribution SiteLocky
felicecremesini.com
REGISTER.IT SPA195.110.124.133 (- Italy)
2016-07-08 10:04Distribution SiteLocky
themeidea.com
GODADDY.COM, LLC121.42.125.49 (- China)
2016-07-08 10:04Distribution SiteLocky
kurumenishimura.com
GMO INTERNET, INC. DBA ONAMAE.CO[...]153.122.16.1 (- Japan)
2016-07-08 10:04Distribution SiteLocky
manutenzionecarrier.com
REGISTER.IT SPA195.110.124.133 (- Italy)
2016-07-08 10:04Distribution SiteLocky
caijiachina.com
REGISTER.IT SPA (n/a)
2016-07-08 10:04Distribution SiteLocky
gebrauchtkauf.at
216.55.105.144 (- Canada)
2016-07-08 10:04Distribution SiteLocky
seferworld.com
NAME.COM, INC.74.220.199.8 (- United States)
2016-07-08 10:04Distribution SiteLocky
drpampe.com
DELUXE SMALL BUSINESS SALES, INC[...]64.29.151.221 (- United States)
2016-07-08 10:04Distribution SiteLocky
fermmedia.com
IHS TELEKOM, INC.94.73.147.68 (- Turkey)
2016-07-08 10:03Distribution SiteLocky
abschlepp-taxi24.at
81.169.145.72 (- Germany)
2016-07-07 22:32Payment SiteCerber
52uo5k3t73ypjije.to6maq.top
Eranet International Limited (n/a)
2016-07-07 22:00Botnet C&CPayCrypt
graund-a.com.ua
ua.ukraine185.68.16.115 (- Ukraine)
2016-07-07 22:00Botnet C&CPayCrypt
graund-a.com.ua
ua.ukraine185.68.16.115 (- Ukraine)
2016-07-07 22:00Payment SiteCerber
52uo5k3t73ypjije.fkgrie.top
Eranet International Limited (n/a)
2016-07-07 15:44Payment SiteCerber
27lelchgcvs2wpm7.adevf4.top
Eranet International Limited (n/a)
2016-07-07 14:05Distribution SiteLocky
academicbooks.co.za
129.232.228.74 (- South Africa)
2016-07-07 14:05Distribution SiteLocky
homahost.com
TUCOWS DOMAINS INC. (n/a)
2016-07-07 13:44Botnet C&CLocky
51.255.172.55
51.255.172.55 (- France)
2016-07-07 13:41Payment SiteCerber
52uo5k3t73ypjije.ti4wic.top
Eranet International Limited (n/a)
2016-07-07 12:18Distribution SiteLocky
takipediliyoruz.com
NICS TELEKOMUNIKASYON TIC LTD. S[...]188.138.57.70 (- Germany)

# of rows displayed: 100
# of entries in database: 12'829

Page 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 >