Tracker

Ransomware Tracker to distinguishes between the following threats:

Each entry in Ransomware Tracker is tagged to a threat and a malware. Currently, the following Ransomware families are tracked:

New submissions for Ransomware Tracker are warmly welcome. You can send new additions to rt-RintANel@abuse.ch (remove all letters in uppercase). Malware binaries that you suspect to be associated with a certain Ransomware family can be send to rt-malwSOareM@abuse.ch (remove all letters in uppercase) for analysis.

Search

You can search for a host or URL using the following search form:

Set a filter for the list below

Below is a list of Ransomware botnet C&C servers tracked by Ransomware Tracker. You have the possibility to filter the list below using certain pre-defined filters shown below.

General filters: Remove filter (Show all) | Online hosts
Filter by threat: Botnet C&Cs | Payment Sites | Distribution Sites
Filter by malware: TeslaCrypt | CryptoWall | TorrentLocker | PadCrypt | Locky | CTB-Locker | FAKBEN | PayCrypt | DMALocker | Cerber | Sage

Dateadded (UTC)ThreatMalwareHost (?Domain name or IP address used by the Ransomware. The leading dots (Red, Green, Grey) indicate whether the Host is active or not.

Red = Online
Green = Offline
Grey = Unknown
)
Domain Registrar (?In some cases Ransomware Tracker is not able to determine the sponsoring Registrar of a domain name. Thats either because the Registry does not reveal this information in the whois or because the Registry doesn't offer a whois service.)IP address (ASN, Country)
2016-07-05 10:35Botnet C&CLocky
gccxqpuuylioxoip.pw
Dotserve Inc192.42.116.41 (- Netherlands)
2016-07-05 10:23Payment SiteCerber
52uo5k3t73ypjije.dkriur.top
Eranet International Limited (n/a)
2016-07-05 10:06Payment SiteCerber
cerberhhyed5frqa.cmti5o.win
Eranet International Limited (n/a)
2016-07-04 22:45Payment SiteCerber
cerberhhyed5frqa.45kgok.win
Eranet International Limited (n/a)
2016-07-04 21:44Payment SiteCerber
cerberhhyed5frqa.ad34ft.win
Eranet International Limited (n/a)
2016-07-04 20:58Payment SiteCerber
cerberhhyed5frqa.werti4.win
Eranet International Limited (n/a)
2016-07-04 18:28Payment SiteCerber
cerberhhyed5frqa.m5gid4.top
Eranet International Limited103.232.215.140 (- China)
2016-07-04 16:16Distribution SiteLocky
clear-sky.tk
BV Dot TK (n/a)
2016-07-04 06:06Payment SiteCerber
cerberhhyed5frqa.wewiso.win
Eranet International Limited (n/a)
2016-07-04 05:45Payment SiteCerber
cerberhhyed5frqa.lfotp5.top
Eranet International Limited103.232.215.140 (- China)
2016-07-03 21:57Payment SiteCerber
cerberhhyed5frqa.sims6n.win
Eranet International Limited (n/a)
2016-07-03 20:05Payment SiteCerber
cerberhhyed5frqa.xtrvb4.win
Eranet International Limited (n/a)
2016-07-03 13:04Payment SiteCerber
cerberhhyed5frqa.cneo59.win
Eranet International Limited (n/a)
2016-07-03 12:20Payment SiteCerber
cerberhhyed5frqa.45gf4t.win
Eranet International Limited (n/a)
2016-07-03 09:31Payment SiteCerber
cerberhhyed5frqa.fgfid6.win
Eranet International Limited (n/a)
2016-07-01 19:01Payment SiteCerber
cerberhhyed5frqa.5kti58.win
Eranet International Limited (n/a)
2016-07-01 17:36Payment SiteCerber
cerberhhyed5frqa.m5gid4.win
Eranet International Limited (n/a)
2016-07-01 13:30Botnet C&CLocky
fnjyygovdjyemga.xyz
Namecheapn/a
2016-07-01 01:33Payment SiteCerber
cerberhhyed5frqa.xmfu59.win
Eranet International Limited (n/a)
2016-06-30 19:00Payment SiteCerber
cerberhhyed5frqa.lib2vi.win
Eranet International Limited (n/a)
2016-06-30 13:26Payment SiteCerber
cerberhhyed5frqa.xo59ok.win
Eranet International Limited (n/a)
2016-06-30 11:13Payment SiteCerber
cerberhhyed5frqa.cmr95i.win
Eranet International Limited (n/a)
2016-06-30 03:56Payment SiteCerber
cerberhhyed5frqa.zgf48j.win
Eranet International Limited (n/a)
2016-06-30 01:52Payment SiteCerber
cerberhhyed5frqa.fkri48.win
Eranet International Limited (n/a)
2016-06-29 23:00Botnet C&CLocky
193.9.28.254
193.9.28.254 (- United States)
2016-06-29 23:00Botnet C&CLocky
185.146.169.16
185.146.169.16 (- Russian Federation)
2016-06-29 20:20Payment SiteCerber
cerberhhyed5frqa.cmr95i.top
Eranet International Limited (n/a)
2016-06-29 17:06Payment SiteCerber
cerberhhyed5frqa.kipfgs65s.com
BIZCN.COM, INC. (n/a)
2016-06-29 10:35Botnet C&CLocky
wjfkoqueatxdmqw.biz
BIZCN.COM, INC.151.236.15.226 (- Germany)
2016-06-29 10:35Botnet C&CLocky
uvcmlfca.biz
DYNADOT LLC69.195.129.70 (- United States)
2016-06-29 07:47Payment SiteCerber
cerberhhyed5frqa.alri58.win
Eranet International Limited (n/a)
2016-06-29 04:14Payment SiteCerber
cerberhhyed5frqa.m5fgoi.win
Eranet International Limited (n/a)
2016-06-29 03:01Payment SiteCerber
cerberhhyed5frqa.er48rt.win
Eranet International Limited (n/a)
2016-06-28 19:43Payment SiteCerber
cerberhhyed5frqa.asxce4.win
Eranet International Limited (n/a)
2016-06-28 16:29Payment SiteCerber
cerberhhyed5frqa.adevf4.win
Eranet International Limited (n/a)
2016-06-28 15:37Payment SiteCerber
cerberhhyed5frqa.li4loi.win
Eranet International Limited (n/a)
2016-06-28 12:54Botnet C&CLocky
pnyviolg.eu
eNom, Inc208.100.26.234 (- United States)
2016-06-28 12:08Payment SiteCerber
cerberhhyed5frqa.ti4wic.win
Eranet International Limited (n/a)
2016-06-28 10:55Payment SiteCerber
cerberhhyed5frqa.moneu5.win
Eranet International Limited (n/a)
2016-06-28 06:50Payment SiteCerber
cerberhhyed5frqa.oneswi.win
Eranet International Limited (n/a)
2016-06-28 03:13Payment SiteCerber
cerberhhyed5frqa.to6maq.win
Eranet International Limited (n/a)
2016-06-28 02:07Payment SiteCerber
cerberhhyed5frqa.fkr84i.win
Eranet International Limited (n/a)
2016-06-28 01:26Payment SiteCerber
cerberhhyed5frqa.as13fd.win
Eranet International Limited (n/a)
2016-06-28 00:52Payment SiteCerber
cerberhhyed5frqa.raress.win
Eranet International Limited (n/a)
2016-06-27 23:17Payment SiteCerber
cerberhhyed5frqa.mix3hi.win
Eranet International Limited (n/a)
2016-06-27 22:12Payment SiteCerber
cerberhhyed5frqa.we34re.win
Eranet International Limited (n/a)
2016-06-27 21:10Botnet C&CLocky
uetwvrlnee.fr
1API GmbH208.100.26.234 (- United States)
2016-06-27 20:05Payment SiteCerber
cerberhhyed5frqa.dk59jg.win
Eranet International Limited (n/a)
2016-06-27 17:51Payment SiteCerber
cerberhhyed5frqa.xltnet.win
Eranet International Limited (n/a)
2016-06-27 16:31Payment SiteCerber
cerberhhyed5frqa.workju.win
Eranet International Limited (n/a)
2016-06-27 16:30Payment SiteCerber
cerberhhyed5frqa.gkfit9.top
Eranet International Limited103.232.215.140 (- China)
2016-06-27 15:01Payment SiteCerber
cerberhhyed5frqa.dkrti5.top
Eranet International Limited (n/a)
2016-06-27 14:14Payment SiteCerber
cerberhhyed5frqa.qor499.top
Eranet International Limited (n/a)
2016-06-27 13:15Payment SiteCerber
cerberhhyed5frqa.wet4io.win
Eranet International Limited (n/a)
2016-06-27 12:43Payment SiteCerber
cerberhhyed5frqa.cneo59.top
Eranet International Limited (n/a)
2016-06-26 09:07Payment SiteCerber
cerberhhyed5frqa.xmfir0.top
Eranet International Limited (n/a)
2016-06-25 23:36Payment SiteCerber
cerberhhyed5frqa.305iot.top
Eranet International Limited (n/a)
2016-06-25 00:05Payment SiteCerber
cerberhhyed5frqa.xmfkr8.top
Eranet International Limited (n/a)
2016-06-24 19:58Botnet C&CCryptoWall
businessaviators.com
TUCOWS DOMAINS INC.209.193.73.67 (- United States)
2016-06-24 15:50Payment SiteCerber
cerberhhyed5frqa.xmfjr7.top
Eranet International Limited (n/a)
2016-06-24 11:41Payment SiteCerber
cerberhhyed5frqa.gkfit9.win
Eranet International Limited (n/a)
2016-06-24 07:51Payment SiteTorrentLocker
mz7oyb3v32vshcvk.torapples.li
(n/a)
2016-06-24 00:36Payment SiteCerber
cerberhhyed5frqa.305iot.win
Eranet International Limited (n/a)
2016-06-23 06:48Botnet C&CLocky
91.219.29.41
91.219.29.41 (- Ukraine)
2016-06-22 13:23Payment SiteCerber
cerberhhyed5frqa.xmfir0.win
Eranet International Limited (n/a)
2016-06-22 12:37Payment SiteTorrentLocker
mz7oyb3v32vshcvk.torlongor.li
(n/a)
2016-06-22 12:24Distribution SiteTorrentLocker
magnitel.net
DINAHOSTING SL82.98.139.147 (- Spain)
2016-06-22 06:00Payment SiteCerber
cerberhhyed5frqa.vmfu48.win
Eranet International Limited (n/a)
2016-06-21 12:22Payment SiteCerber
cerberhhyed5frqa.xmfhr6.win
Eranet International Limited (n/a)
2016-06-21 04:34Payment SiteCerber
cerberhhyed5frqa.azlto5.win
Eranet International Limited (n/a)
2016-06-21 02:42Botnet C&CLocky
aarnknthc.xyz
Namecheap208.100.26.234 (- United States)
2016-06-21 02:41Botnet C&CLocky
kjkwjqvqrjocpi.xyz
Namecheapn/a
2016-06-21 02:41Botnet C&CLocky
185.141.25.108
185.141.25.108 (- Romania)
2016-06-19 10:51Botnet C&CLocky
fhvjsmtkirihxh.xyz
Namecheap208.100.26.234 (- United States)
2016-06-19 05:09Botnet C&CLocky
ltpwqva.xyz
Namecheap208.100.26.234 (- United States)
2016-06-16 14:58Distribution SiteLocky
vinabuhmwoo.com
ONLINENIC, INC. (n/a)
2016-06-15 14:03Payment SiteTorrentLocker
de2nuvwegoo32oqv.tormilki.li
(n/a)
2016-06-15 09:00Payment SiteTorrentLocker
stgg5jv6mqiibmax.toranimals.li
(n/a)
2016-06-15 06:34Payment SiteTorrentLocker
de2nuvwegoo32oqv.torminimals.li
(n/a)
2016-06-09 08:31Payment SiteTorrentLocker
de2nuvwegoo32oqv.tortodorf.li
(n/a)
2016-06-08 07:23Payment SiteTorrentLocker
stgg5jv6mqiibmax.torclasses.li
(n/a)
2016-06-08 07:09Payment SiteTorrentLocker
de2nuvwegoo32oqv.tordrims.li
(n/a)
2016-06-06 08:41Distribution SiteLocky
bogialai.com
P.A. VIET NAM COMPANY LIMITED125.253.121.16 (- Vietnam)
2016-06-06 06:48Botnet C&CLocky
bddadevlpkwrrmud.xyz
Namecheap208.100.26.234 (- United States)
2016-06-05 08:53Botnet C&CDMALocker
www.actioncompass.online
Namecheap5.8.63.31 (- United States)
2016-06-04 10:10Payment SiteTorrentLocker
de2nuvwegoo32oqv.torfigth.li
(n/a)
2016-06-02 23:32Botnet C&CLocky
82.196.6.154
82.196.6.154 (- Netherlands)
2016-06-02 23:32Botnet C&CLocky
51.255.107.20
51.255.107.20 (- France)
2016-06-01 14:28Distribution SiteLocky
auburnac.org
Wild West Domains, LLC199.34.228.59 (- United States)
2016-06-01 14:28Distribution SiteLocky
davidcandy.website.pl
Consulting Service Sp. z o.o.193.218.152.119 (- Poland)
2016-06-01 14:28Distribution SiteLocky
nitalholdings.com
GODADDY.COM, LLC192.186.196.34 (- United States)
2016-06-01 14:28Distribution SiteLocky
f7space.zg5.ru
REGTIME-RU91.223.216.57 (- Ukraine)
2016-06-01 14:28Distribution SiteLocky
nuzzledot.com
GODADDY.COM, LLC23.229.147.2 (- United States)
2016-06-01 14:28Distribution SiteLocky
tipsforall.in
GoDaddy.com, LLC (R101-AFIN)43.242.215.197 (- India)
2016-06-01 14:28Distribution SiteLocky
hanzzflorist.com
GODADDY.COM, LLC (n/a)
2016-06-01 14:28Distribution SiteLocky
shivshanti.in
GoDaddy.com, LLC (R101-AFIN)43.242.215.197 (- India)
2016-06-01 14:28Distribution SiteLocky
iidfc.com
GKG.NET, INC.182.163.111.121 (- Bangladesh)
2016-06-01 14:28Distribution SiteLocky
buscahoy.com
GODADDY.COM, LLC192.186.245.194 (- United States)
2016-06-01 14:28Distribution SiteLocky
216.104.183.199
n/a
2016-06-01 14:28Distribution SiteLocky
discountghd.org
GoDaddy.com, LLC210.1.60.27 (- Thailand)

# of rows displayed: 100
# of entries in database: 12'899

Page 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 >