Tracker

Ransomware Tracker to distinguishes between the following threats:

Each entry in Ransomware Tracker is tagged to a threat and a malware. Currently, the following Ransomware families are tracked:

New submissions for Ransomware Tracker are warmly welcome. You can send new additions to rt-RintANel@abuse.ch (remove all letters in uppercase). Malware binaries that you suspect to be associated with a certain Ransomware family can be send to rt-malwSOareM@abuse.ch (remove all letters in uppercase) for analysis.

Search

You can search for a host or URL using the following search form:

Set a filter for the list below

Below is a list of Ransomware botnet C&C servers tracked by Ransomware Tracker. You have the possibility to filter the list below using certain pre-defined filters shown below.

General filters: Remove filter (Show all) | Online hosts
Filter by threat: Botnet C&Cs | Payment Sites | Distribution Sites
Filter by malware: TeslaCrypt | CryptoWall | TorrentLocker | PadCrypt | Locky | CTB-Locker | FAKBEN | PayCrypt | DMALocker | Cerber | Sage

Dateadded (UTC)ThreatMalwareHost (?Domain name or IP address used by the Ransomware. The leading dots (Red, Green, Grey) indicate whether the Host is active or not.

Red = Online
Green = Offline
Grey = Unknown
)
Domain Registrar (?In some cases Ransomware Tracker is not able to determine the sponsoring Registrar of a domain name. Thats either because the Registry does not reveal this information in the whois or because the Registry doesn't offer a whois service.)IP address (ASN, Country)
2016-04-01 05:56Distribution SiteLocky
storepro.ir
185.94.97.106 (- Iran)
2016-04-01 05:56Distribution SiteLocky
zwei.audio
1&1 Internet SE217.160.0.111 (- Germany)
2016-04-01 05:56Distribution SiteLocky
anttela.com
PDR LTD. D/B/A PUBLICDOMAINREGIS[...]202.75.56.132 (- Malaysia)
2016-03-31 23:21Botnet C&CLocky
88.198.119.177
88.198.119.177 (- Germany)
2016-03-31 20:53Botnet C&CTeslaCrypt
mahmutersan.com.tr
160.153.18.235 (- United States)
2016-03-31 20:53Botnet C&CTeslaCrypt
kknk-shop.dev.onnetdigital.com
ENOM, INC.176.9.2.244 (- Germany)
2016-03-31 20:53Botnet C&CTeslaCrypt
forms.net.in
GoDaddy.com, LLC (R101-AFIN)160.153.51.192 (- United States)
2016-03-31 20:26Botnet C&CLocky
sqrgvbgfyya.org
Dynadot, LLC69.195.129.70 (- United States)
2016-03-31 20:26Botnet C&CLocky
barjhxoye.info
101domain, Inc195.22.28.197 (- Portugal)
2016-03-31 20:06Botnet C&CLocky
81.177.181.164
81.177.181.164 (- Russian Federation)
2016-03-31 17:53Distribution SiteLocky
greenellebox.com
OVH217.160.223.72 (- Germany)
2016-03-31 17:52Distribution SiteLocky
www.aluguerdiadema.com
NETWORK SOLUTIONS, LLC.185.2.4.74 (- Italy)
2016-03-31 17:52Distribution SiteLocky
icurlers.com
GODADDY.COM, LLC138.201.79.116 (- Germany)
2016-03-31 17:52Distribution SiteLocky
shopyb.com
DOMAINCLUB.COM LLC23.227.38.32 (- Canada)
2016-03-31 17:51Distribution SiteLocky
mentalmathcompetition.com
PDR LTD. D/B/A PUBLICDOMAINREGIS[...]185.116.213.93 (- United Kingdom)
2016-03-31 17:51Distribution SiteLocky
hollandfoodexchange.com
KEY-SYSTEMS GMBH78.46.245.40 (- Germany)
2016-03-31 17:49Distribution SiteLocky
mylookalikedoll.com
GODADDY.COM, LLC204.11.56.48 (- Virgin Islands)
2016-03-31 17:48Distribution SiteLocky
be-stlines-tore.com
ENOM, INC. (n/a)
2016-03-31 17:48Distribution SiteLocky
aaacollectionsjewelry.com
ENOM, INC. (n/a)
2016-03-31 17:45Distribution SiteLocky
internetsimplificada.com.br
198.46.81.219 (- United States)
2016-03-31 17:44Distribution SiteLocky
easyvisa.com
GODADDY.COM, LLC192.154.96.199 (- United States)
2016-03-31 17:44Distribution SiteLocky
easyvisa.com
GODADDY.COM, LLC192.154.96.199 (- United States)
2016-03-31 17:20Distribution SiteLocky
beimeihuifu.com
FASTDOMAIN, INC. (n/a)
2016-03-31 16:56Payment SiteTeslaCrypt
i5ndw.titlecorta.at
(n/a)
2016-03-31 16:53Payment SiteTeslaCrypt
d34fa.lasmeio.com
KEY-SYSTEMS GMBH216.218.135.114 (- United States)
2016-03-31 16:11Botnet C&CTeslaCrypt
casasembargada.com
GODADDY.COM, LLC23.229.166.194 (- United States)
2016-03-31 15:57Distribution SiteLocky
santekhnicheskie-raboti.ru
REGRU-RU31.31.205.31 (- Russian Federation)
2016-03-31 15:56Distribution SiteLocky
smartbs-cameroun.com
NAMEWEB BVBA (n/a)
2016-03-31 15:44Distribution SiteLocky
drirenaeris.com.au
Web Address Registration110.232.140.74 (- Australia)
2016-03-31 15:44Distribution SiteLocky
abnreview.com.au
Web Address Registration110.232.140.74 (- Australia)
2016-03-31 15:43Distribution SiteLocky
buketrose.ru
REGRU-RU (n/a)
2016-03-31 15:43Distribution SiteLocky
zakaz-sharikov.ru
REGRU-RU (n/a)
2016-03-31 15:43Distribution SiteLocky
brand-obuv.ru
REGRU-RU (n/a)
2016-03-31 13:59Botnet C&CLocky
dwytqrgblrynsgtew.org
Dynadot, LLC69.195.129.70 (- United States)
2016-03-31 13:37Botnet C&CTeslaCrypt
csskol.org
GoDaddy.com, LLC160.153.51.192 (- United States)
2016-03-31 12:59Payment SiteTorrentLocker
stgg5jv6mqiibmax.torpoint.ch
(n/a)
2016-03-31 12:41Botnet C&CTorrentLocker
bedrifg.org
Registrar of Domain Names REG.RU[...] (n/a)
2016-03-31 12:26Distribution SiteLocky
epegasus.pl
Consulting Service Sp. z o.o.91.200.184.116 (- Poland)
2016-03-31 12:26Distribution SiteLocky
grzegorzschreiber.pl
AZ.pl Sp. z o.o.193.106.238.29 (- Poland)
2016-03-31 10:26Distribution SiteLocky
pure-line.com.pl
Consulting Service Sp. z o.o.193.106.238.29 (- Poland)
2016-03-31 10:26Distribution SiteLocky
new.teamlight.ru
REGRU-RU (n/a)
2016-03-31 08:50Distribution SiteLocky
assura-courtage.org
1 & 1 Internet AG212.227.247.72 (- Germany)
2016-03-31 08:49Distribution SiteLocky
bonares.pl
Consulting Service Sp. z o.o.188.40.44.195 (- Germany)
2016-03-31 08:48Distribution SiteLocky
arcfestoheni.hu
178.238.222.219 (- Hungary)
2016-03-31 08:48Distribution SiteLocky
xn--po-wqa.pl
Consulting Service Sp. z o.o.193.106.238.29 (- Poland)
2016-03-31 08:46Distribution SiteLocky
oceancraftnepal.com
PDR LTD. D/B/A PUBLICDOMAINREGIS[...] (n/a)
2016-03-31 07:53Botnet C&CTorrentLocker
velodrivve.biz
PDR LTD. D/B/A PUBLICDOMAINREGIS[...] (n/a)
2016-03-31 06:04Distribution SiteLocky
photronlamp.com
PLANETDOMAIN PTY LTD.101.0.69.226 (- Australia)
2016-03-31 05:29Botnet C&CLocky
31.41.44.130
31.41.44.130 (- Russian Federation)
2016-03-31 05:28Botnet C&CLocky
51.254.240.45
51.254.240.45 (- France)
2016-03-31 05:18Distribution SiteLocky
blog.saletron.net
PDR LTD. D/B/A PUBLICDOMAINREGIS[...]91.215.216.56 (- Bulgaria)
2016-03-31 05:18Distribution SiteLocky
hiddenhandbags.com
CSL COMPUTER SERVICE LANGENBACH [...]217.69.44.35 (- United Kingdom)
2016-03-31 05:17Distribution SiteLocky
lojaagrometal.com.br
209.126.22.187 (- United States)
2016-03-31 05:15Distribution SiteLocky
blog.insite.pt
193.126.240.145 (- Portugal)
2016-03-31 05:14Distribution SiteLocky
dev.orolatina.com
GODADDY.COM, LLC162.252.104.207 (- United States)
2016-03-31 05:14Distribution SiteLocky
itead-europe.com
1 API GMBH213.9.21.88 (- Germany)
2016-03-31 05:14Distribution SiteLocky
zilton.com
ASCIO TECHNOLOGIES, INC. DANMARK[...]81.95.122.229 (- Belgium)
2016-03-31 05:14Distribution SiteLocky
caferacerpneus.com.br
177.185.194.112 (- Brazil)
2016-03-30 22:06Botnet C&CLocky
82.146.37.200
82.146.37.200 (- Russian Federation)
2016-03-30 16:34Distribution SiteLocky
kingsstaging.consines.in
ZNet Technologies Private Limite[...] (n/a)
2016-03-30 16:33Distribution SiteLocky
srijanexportstowelwarmers.co.uk
PDR Ltd. d/b/a PublicDomainRegis[...]213.52.128.146 (- United Kingdom)
2016-03-30 15:54Botnet C&CTeslaCrypt
grosirkecantikan.com
ENOM, INC.192.185.51.87 (- United States)
2016-03-30 14:02Botnet C&CLocky
93.170.131.108
93.170.131.108 (- Russian Federation)
2016-03-30 13:29Distribution SiteLocky
fabiocaminero.com
NETEARTH ONE INC. D/B/A NETEARTH (n/a)
2016-03-30 13:29Distribution SiteLocky
cssrd.org.lb
5.172.159.231 (- United Kingdom)
2016-03-30 12:54Botnet C&CTeslaCrypt
naturstein-schubert.de
91.250.80.97 (- Germany)
2016-03-30 11:59Distribution SiteLocky
www.deco-dessert.com
GANDI SAS195.154.38.196 (- France)
2016-03-30 11:58Distribution SiteLocky
aztechnologies.co.uk
Wild West Domains, Inc.192.124.249.18 (- United States)
2016-03-30 11:58Distribution SiteLocky
refindsexy.com
GODADDY.COM, LLC192.80.146.30 (- United States)
2016-03-30 10:00Botnet C&CLocky
83.217.25.239
83.217.25.239 (- Russian Federation)
2016-03-30 09:03Distribution SiteLocky
rtcs.com.my
0.75.62.145 (n/a)
2016-03-30 09:02Distribution SiteLocky
arredamentibielle.com
ENOM, INC.79.98.45.56 (- Italy)
2016-03-30 09:02Distribution SiteLocky
www.therapiemontpellier.fr
GANDI (n/a)
2016-03-30 09:02Distribution SiteLocky
divaradyo.com
NICS TELEKOMUNIKASYON TICARET LT[...]45.33.9.234 (- United States)
2016-03-30 09:01Distribution SiteLocky
alexsolenni.it
PLY-REG178.237.15.128 (- Italy)
2016-03-30 09:01Distribution SiteLocky
chocolatesindustrial.com
ENOM, INC.104.236.195.85 (- United States)
2016-03-30 09:00Distribution SiteLocky
fatihyagci.com
GODADDY.COM, LLC185.172.146.83 (- Netherlands)
2016-03-30 08:59Distribution SiteLocky
www.royalcaribbeanbeddingcollection.com
GODADDY.COM, LLC64.207.185.206 (- United States)
2016-03-30 08:55Distribution SiteLocky
folk.garnet-soft.com
TLD REGISTRAR SOLUTIONS LTD (n/a)
2016-03-30 08:55Distribution SiteLocky
downloadroot.com
GODADDY.COM, LLC185.53.179.8 (- Germany)
2016-03-30 08:55Distribution SiteLocky
cainabela.com
GODADDY.COM, LLC46.101.10.216 (- United Kingdom)
2016-03-30 08:51Distribution SiteLocky
bikerswear.co.uk
1 & 1 Internet SE82.146.139.56 (- United Kingdom)
2016-03-30 08:51Distribution SiteLocky
princesa-de-ebano.com
OVH (n/a)
2016-03-30 08:50Distribution SiteLocky
azcarpartsuk.com
MESH DIGITAL LIMITED217.199.164.198 (- United Kingdom)
2016-03-30 08:49Distribution SiteLocky
hotpassion.co.uk
eNom, Inc.5.102.190.238 (- United Kingdom)
2016-03-30 07:39Payment SiteLocky
25z5g623wpqpdwis.onion.to
185.100.85.150 (- Romania) +1 A record(s) 192.36.27.5 (AS60729, - Sweden)
2016-03-30 06:12Distribution SiteLocky
tbde.com.vn
162.243.4.79 (- United States)
2016-03-30 06:12Distribution SiteLocky
silvec.com
UNITED-DOMAINS AG212.9.177.16 (- Germany)
2016-03-30 06:11Distribution SiteLocky
jeweldiva.com
NETWORK SOLUTIONS, LLC.104.207.242.191 (- United States)
2016-03-30 06:11Distribution SiteLocky
hindleys.com
REGISTER.IT SPA194.12.14.73 (- United Kingdom)
2016-03-30 06:10Distribution SiteLocky
gazoccaz.com
ARSYS INTERNET, S.L. D/B/A NICLI[...]83.143.23.4 (- France)
2016-03-30 06:10Distribution SiteLocky
chilloutplanet.com
REGIONAL NETWORK INFORMATION CEN[...]109.71.69.138 (- Slovakia)
2016-03-30 06:10Distribution SiteLocky
canadattparts.com
GODADDY.COM, LLC66.96.160.128 (- United States)
2016-03-30 06:09Distribution SiteLocky
3r.com.ua
ua.1gb (n/a)
2016-03-29 23:43Botnet C&CTeslaCrypt
vtc360.com
GODADDY.COM, LLC107.180.34.199 (- United States)
2016-03-29 18:19Botnet C&CCryptoWall
estudiobarco.com.ar
50.22.11.55 (- United States)
2016-03-29 16:26Botnet C&CLocky
5.135.76.18
5.135.76.18 (- France)
2016-03-29 14:41Distribution SiteLocky
it-mall.eu
PDR Ltd.95.87.7.112 (- Bulgaria)
2016-03-29 13:31Botnet C&CLocky
109.234.35.128
109.234.35.128 (- Russian Federation)
2016-03-29 12:59Botnet C&CTeslaCrypt
starsoftheworld.org
PDR Ltd. d/b/a PublicDomainRegis[...]166.62.28.102 (- United States)

# of rows displayed: 100
# of entries in database: 12'863

Page 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 >