Tracker

Ransomware Tracker to distinguishes between the following threats:

Each entry in Ransomware Tracker is tagged to a threat and a malware. Currently, the following Ransomware families are tracked:

New submissions for Ransomware Tracker are warmly welcome. You can send new additions to rt-RintANel@abuse.ch (remove all letters in uppercase). Malware binaries that you suspect to be associated with a certain Ransomware family can be send to rt-malwSOareM@abuse.ch (remove all letters in uppercase) for analysis.

Search

You can search for a host or URL using the following search form:

Set a filter for the list below

Below is a list of Ransomware botnet C&C servers tracked by Ransomware Tracker. You have the possibility to filter the list below using certain pre-defined filters shown below.

General filters: Remove filter (Show all) | Online hosts
Filter by threat: Botnet C&Cs | Payment Sites | Distribution Sites
Filter by malware: TeslaCrypt | CryptoWall | TorrentLocker | PadCrypt | Locky | CTB-Locker | FAKBEN | PayCrypt | DMALocker | Cerber | Sage

Dateadded (UTC)ThreatMalwareHost (?Domain name or IP address used by the Ransomware. The leading dots (Red, Green, Grey) indicate whether the Host is active or not.

Red = Online
Green = Offline
Grey = Unknown
)
Domain Registrar (?In some cases Ransomware Tracker is not able to determine the sponsoring Registrar of a domain name. Thats either because the Registry does not reveal this information in the whois or because the Registry doesn't offer a whois service.)IP address (ASN, Country)
2016-05-10 10:54Distribution SiteLocky
cmobilier.com
OVH5.39.70.7 (- France)
2016-05-10 10:54Distribution SiteLocky
beverlyhillssilver.com
NETWORK SOLUTIONS, LLC.72.41.110.2 (- United States)
2016-05-10 10:54Distribution SiteLocky
admin.prettysecrets.com
GO FRANCE DOMAINS, LLC (n/a)
2016-05-10 10:42Distribution SiteLocky
tadinda.web-tasarimcilar.com
GODADDY.COM, LLC185.179.27.53 (- Turkey)
2016-05-09 06:33Payment SiteTorrentLocker
de2nuvwegoo32oqv.tortelevision.li
(n/a)
2016-05-09 02:36Botnet C&CLocky
37.46.131.153
37.46.131.153 (- Russian Federation)
2016-05-08 21:29Botnet C&CTeslaCrypt
jdebrains.com
GODADDY.COM, LLC23.229.155.72 (- United States)
2016-05-08 21:29Botnet C&CTeslaCrypt
chaliawala.com
PDR LTD. D/B/A PUBLICDOMAINREGIS[...]64.22.112.34 (- United States)
2016-05-08 07:20Botnet C&CLocky
193.124.185.87
193.124.185.87 (- Russian Federation)
2016-05-07 22:45Botnet C&CLocky
146.185.137.40
146.185.137.40 (- Netherlands)
2016-05-07 06:29Distribution SiteLocky
helpdesk.zergos.ru
REGRU-RU138.201.119.127 (- Germany)
2016-05-06 20:30Botnet C&CTeslaCrypt
www.laidclinique.com.mx
NEUBOX Internet SA de CV65.99.225.47 (- United States)
2016-05-06 20:30Botnet C&CTeslaCrypt
laidclinique.com.mx
NEUBOX Internet SA de CV65.99.225.47 (- United States)
2016-05-06 18:00Botnet C&CLocky
78.47.110.82
78.47.110.82 (- Germany)
2016-05-06 13:38Distribution SiteLocky
4ix.com
ENOM, INC.203.129.113.142 (- Japan)
2016-05-06 11:53Distribution SiteLocky
drdianateachertraining.com
GODADDY.COM, LLC199.83.129.211 (- United States) +1 A record(s) 199.83.131.211 (AS19551, - United States)
2016-05-06 11:14Distribution SiteLocky
taninabandb.com
ASCIO TECHNOLOGIES, INC. DANMARK[...]213.205.38.26 (- Italy)
2016-05-06 10:47Distribution SiteLocky
rulshtory.wmlead.ru
RU-CENTER-RU (n/a)
2016-05-06 09:22Distribution SiteLocky
cliente1.gugliandolo.com
TUCOWS DOMAINS INC.85.235.131.88 (- Italy)
2016-05-06 09:08Distribution SiteLocky
topcarshop.ir
87.98.227.214 (- Spain)
2016-05-06 08:42Payment SiteTeslaCrypt
ik4dm.mazerunci.at
(n/a)
2016-05-06 08:40Payment SiteTeslaCrypt
y4bxj.adozeuds.com
KEY-SYSTEMS GMBH216.218.135.114 (- United States)
2016-05-06 08:32Distribution SiteLocky
akarui.org
GoDaddy.com, LLC166.62.30.158 (- United States)
2016-05-06 08:32Distribution SiteLocky
spraszyn.home.pl
home.pl S.A.79.96.92.220 (- Poland)
2016-05-06 08:31Distribution SiteLocky
virusremovals.org
Name.com, LLC67.228.184.52 (- United States)
2016-05-06 08:31Distribution SiteLocky
istvest.com
TUCOWS DOMAINS INC.79.98.29.30 (- Lithuania)
2016-05-06 08:31Distribution SiteLocky
ikiartimatbaa.com
NICS TELEKOMUNIKASYON TICARET LT[...]94.73.150.20 (- Turkey)
2016-05-06 06:02Distribution SiteLocky
shopngocquyen.com
GODADDY.COM, LLC209.99.17.27 (- United States)
2016-05-05 14:49Botnet C&CTeslaCrypt
hypnotiseyourself.co.uk
123-Reg Limited t/a 123-reg50.87.146.83 (- United States)
2016-05-05 13:45Botnet C&CLocky
fdehgchykmiqwdg.info
Dynadot, LLC69.195.129.70 (- United States)
2016-05-05 13:45Botnet C&CLocky
91.219.29.66
91.219.29.66 (- Ukraine)
2016-05-05 13:45Botnet C&CLocky
185.22.67.108
185.22.67.108 (- Kazakhstan)
2016-05-05 08:31Botnet C&CLocky
91.226.93.124
91.226.93.124 (- Russian Federation)
2016-05-05 07:24Distribution SiteLocky
fashionmekka.com
KEY-SYSTEMS GMBH (n/a)
2016-05-05 06:54Distribution SiteLocky
sourcechemindia.com
WILD WEST DOMAINS, LLC166.62.27.182 (- United States)
2016-05-05 06:54Distribution SiteLocky
testovaciadomena.sk
93.184.77.198 (- Slovakia)
2016-05-05 06:53Distribution SiteLocky
stadiumwebshop.com
TLD REGISTRAR SOLUTIONS LTD94.177.168.91 (- Italy)
2016-05-05 06:53Distribution SiteLocky
web.smadwiwarna.net
PDR LTD. D/B/A PUBLICDOMAINREGIS[...]103.228.119.245 (- Indonesia)
2016-05-05 06:53Distribution SiteLocky
jambe.in
GoDaddy.com, LLC (R101-AFIN)216.239.32.21 (- United States) +3 A record(s) 216.239.34.21 (AS15169, - United States)
216.239.36.21 (AS15169, - United States)
216.239.38.21 (AS15169, - United States)
2016-05-05 06:52Distribution SiteLocky
cwsnet.com.au
Web Address Registration216.224.174.137 (- United States)
2016-05-05 06:52Botnet C&CLocky
91.234.33.215
91.234.33.215 (- Ukraine)
2016-05-05 05:51Payment SiteTeslaCrypt
h54dc.leverdaze.at
(n/a)
2016-05-04 22:34Botnet C&CPayCrypt
dnibsan.com
ENOM, INC.67.225.220.95 (- United States)
2016-05-04 18:30Botnet C&CLocky
138.201.95.72
138.201.95.72 (- Germany)
2016-05-04 16:15Botnet C&CTeslaCrypt
random-shots.com
GODADDY.COM, LLC192.185.5.148 (- United States)
2016-05-04 07:41Botnet C&CLocky
31.184.197.126
31.184.197.126 (- Russian Federation)
2016-05-03 15:34Botnet C&CLocky
91.226.93.113
91.226.93.113 (- Russian Federation)
2016-05-03 15:33Botnet C&CLocky
91.219.29.64
91.219.29.64 (- Ukraine)
2016-05-03 13:49Distribution SiteLocky
badu.sk
37.46.80.248 (- Czech Republic)
2016-05-03 13:28Distribution SiteLocky
niagara.vn.ua
ua.ukraine185.68.16.6 (- Ukraine)
2016-05-02 19:59Botnet C&CTeslaCrypt
www.maniffatoretraiteur.com
GANDI SAS217.70.180.151 (- France)
2016-05-02 06:06Payment SiteTeslaCrypt
k234s.ascotsprue.com
KEY-SYSTEMS GMBH184.105.192.2 (- United States)
2016-05-02 06:05Payment SiteTeslaCrypt
l123d.feustude.at
(n/a)
2016-05-02 06:05Payment SiteTeslaCrypt
u24er.ovaarmor.com
KEY-SYSTEMS GMBH184.105.192.2 (- United States)
2016-05-02 02:48Botnet C&CLocky
ycvcjbhgkmsiyhdd.info
Regtime Ltd.91.230.211.26 (- Russian Federation)
2016-05-01 23:05Botnet C&CTeslaCrypt
site7.aiglecom.com
GANDI SAS217.70.180.151 (- France)
2016-05-01 19:25Botnet C&CLocky
rrcspgfghsjnklts.pw
Namecheap208.100.26.234 (- United States)
2016-05-01 15:39Botnet C&CLocky
abvtqhwodwjmi.work
Regtime91.230.211.26 (- Russian Federation)
2016-05-01 08:38Payment SiteTorrentLocker
stgg5jv6mqiibmax.toradmin.li
(n/a)
2016-05-01 08:34Payment SiteTorrentLocker
stgg5jv6mqiibmax.torclever.li
(n/a)
2016-04-29 19:56Botnet C&CLocky
cwprfpjtmjb.biz
DYNADOT LLC69.195.129.70 (- United States)
2016-04-29 17:21Botnet C&CLocky
83.217.8.155
83.217.8.155 (- Russian Federation)
2016-04-29 14:44Distribution SiteLocky
listelo.com.br
177.234.151.130 (- Brazil)
2016-04-29 12:39Botnet C&CLocky
89.108.84.155
89.108.84.155 (- Russian Federation)
2016-04-29 12:31Distribution SiteLocky
dveri-ivanovo.ru
R01-RU (n/a)
2016-04-29 10:59Distribution SiteLocky
avcilarinpazari.com
PDR LTD. D/B/A PUBLICDOMAINREGIS[...]209.99.40.223 (- United States)
2016-04-29 10:59Distribution SiteLocky
zona-sezona.com.ua
ua.adresa91.223.223.159 (- Ukraine)
2016-04-29 10:59Distribution SiteLocky
amatic.in
GoDaddy.com, LLC (R101-AFIN)103.247.96.21 (- India)
2016-04-29 10:59Distribution SiteLocky
cafeaparis.eu
DonDominio.com / Soluciones Corp[...] (n/a)
2016-04-29 08:50Distribution SiteLocky
64.207.144.148
(n/a)
2016-04-29 08:50Distribution SiteLocky
easytravelvault.com
CRAZY DOMAINS FZ-LLC101.0.117.102 (- Australia)
2016-04-29 08:49Distribution SiteLocky
kizilirmakdeltasi.net
FBS INC.5.250.244.186 (- Turkey)
2016-04-29 08:49Distribution SiteLocky
emcartaz.net.br
(n/a)
2016-04-29 04:28Botnet C&CTeslaCrypt
gmtuae.com
PDR LTD. D/B/A PUBLICDOMAINREGIS[...] (n/a)
2016-04-28 20:51Botnet C&CTeslaCrypt
faenzabike.makkie.com
DNC HOLDINGS, INC.213.26.174.81 (- Italy)
2016-04-28 18:00Botnet C&CLocky
51.254.240.60
51.254.240.60 (- France)
2016-04-28 16:51Botnet C&CLocky
axnemuevqnstqyflb.work
Regtime31.148.99.188 (- Russian Federation)
2016-04-28 15:10Botnet C&CLocky
83.217.26.168
83.217.26.168 (- Russian Federation)
2016-04-28 12:38Botnet C&CTeslaCrypt
bestinghana.com
GODADDY.COM, LLC184.168.51.1 (- United States)
2016-04-28 12:03Distribution SiteLocky
minisupergame.ru
REGRU-RU (n/a)
2016-04-28 12:03Distribution SiteLocky
cafe-vintage68.ru
R01-RU (n/a)
2016-04-28 12:03Distribution SiteLocky
switchright.com
123-REG LIMITED80.160.49.212 (- Denmark)
2016-04-28 12:02Distribution SiteLocky
3dphoto-rotate.ru
AGAVA-RU81.177.141.211 (- Russian Federation)
2016-04-28 12:02Distribution SiteLocky
banketcentr.ru
R01-RU (n/a)
2016-04-28 12:01Distribution SiteLocky
tribalsnedkeren.dk
92.61.149.78 (- Europe)
2016-04-28 12:01Distribution SiteLocky
rabitaforex.com
GODADDY.COM, LLC (n/a)
2016-04-28 06:10Botnet C&CTeslaCrypt
coolcases.info
Wild West Domains, LLC72.167.232.144 (- United States)
2016-04-28 05:00Botnet C&CLocky
htankds.info
Regtime Ltd.91.219.31.18 (- Russian Federation)
2016-04-27 20:19Botnet C&CLocky
107.170.20.33
107.170.20.33 (- United States)
2016-04-27 16:51Botnet C&CTeslaCrypt
runescape-autominer.info
eNom, Inc.192.185.46.61 (- United States)
2016-04-27 15:42Botnet C&CTeslaCrypt
www.teacherassist.info
NameWeb BVBA94.124.120.61 (- Netherlands)
2016-04-27 12:48Distribution SiteLocky
warcraft-lich-king.ru
REGRU-RU87.236.19.13 (- Russian Federation)
2016-04-27 12:48Distribution SiteLocky
soccerinsider.net
TLD REGISTRAR SOLUTIONS LTD (n/a)
2016-04-27 12:47Distribution SiteLocky
pediatriayvacunas.com
DOMAIN.COM, LLC192.185.13.169 (- United States)
2016-04-27 12:47Distribution SiteLocky
onlinecrockpotrecipes.com
GODADDY.COM, LLC (n/a)
2016-04-27 12:46Distribution SiteLocky
lbbc.pt
130.185.84.57 (- Portugal)
2016-04-27 12:46Distribution SiteLocky
jurang.tk
Freedom Registry, Inc. (n/a)
2016-04-27 12:46Distribution SiteLocky
directenergy.tv
NAME.COM, INC.67.225.176.90 (- United States)
2016-04-27 12:45Distribution SiteLocky
adamauto.nl
TransIP BV5.61.252.121 (- Netherlands)
2016-04-27 12:44Distribution SiteLocky
aaacollectionsjewelry.com
ENOM, INC. (n/a)

# of rows displayed: 100
# of entries in database: 12'899

Page 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 >