Tracker

Ransomware Tracker to distinguishes between the following threats:

Each entry in Ransomware Tracker is tagged to a threat and a malware. Currently, the following Ransomware families are tracked:

New submissions for Ransomware Tracker are warmly welcome. You can send new additions to rt-RintANel@abuse.ch (remove all letters in uppercase). Malware binaries that you suspect to be associated with a certain Ransomware family can be send to rt-malwSOareM@abuse.ch (remove all letters in uppercase) for analysis.

Search

You can search for a host or URL using the following search form:

Set a filter for the list below

Below is a list of Ransomware botnet C&C servers tracked by Ransomware Tracker. You have the possibility to filter the list below using certain pre-defined filters shown below.

General filters: Remove filter (Show all) | Online hosts
Filter by threat: Botnet C&Cs | Payment Sites | Distribution Sites
Filter by malware: TeslaCrypt | CryptoWall | TorrentLocker | PadCrypt | Locky | CTB-Locker | FAKBEN | PayCrypt | DMALocker | Cerber | Sage

Dateadded (UTC)ThreatMalwareHost (?Domain name or IP address used by the Ransomware. The leading dots (Red, Green, Grey) indicate whether the Host is active or not.

Red = Online
Green = Offline
Grey = Unknown
)
Domain Registrar (?In some cases Ransomware Tracker is not able to determine the sponsoring Registrar of a domain name. Thats either because the Registry does not reveal this information in the whois or because the Registry doesn't offer a whois service.)IP address (ASN, Country)
2016-03-30 06:12Distribution SiteLocky
tbde.com.vn
162.243.4.79 (- United States)
2016-03-30 06:12Distribution SiteLocky
silvec.com
UNITED-DOMAINS AG212.9.177.16 (- Germany)
2016-03-30 06:11Distribution SiteLocky
jeweldiva.com
NETWORK SOLUTIONS, LLC.104.207.242.191 (- United States)
2016-03-30 06:11Distribution SiteLocky
hindleys.com
REGISTER.IT SPA194.12.14.73 (- United Kingdom)
2016-03-30 06:10Distribution SiteLocky
gazoccaz.com
ARSYS INTERNET, S.L. D/B/A NICLI[...]83.143.23.4 (- France)
2016-03-30 06:10Distribution SiteLocky
chilloutplanet.com
REGIONAL NETWORK INFORMATION CEN[...]109.71.69.138 (- Slovakia)
2016-03-30 06:10Distribution SiteLocky
canadattparts.com
GODADDY.COM, LLC66.96.160.128 (- United States)
2016-03-30 06:09Distribution SiteLocky
3r.com.ua
ua.1gb (n/a)
2016-03-29 23:43Botnet C&CTeslaCrypt
vtc360.com
GODADDY.COM, LLC107.180.34.199 (- United States)
2016-03-29 18:19Botnet C&CCryptoWall
estudiobarco.com.ar
50.22.11.55 (- United States)
2016-03-29 16:26Botnet C&CLocky
5.135.76.18
5.135.76.18 (- France)
2016-03-29 14:41Distribution SiteLocky
it-mall.eu
PDR Ltd.95.87.7.112 (- Bulgaria)
2016-03-29 13:31Botnet C&CLocky
109.234.35.128
109.234.35.128 (- Russian Federation)
2016-03-29 12:59Botnet C&CTeslaCrypt
starsoftheworld.org
PDR Ltd. d/b/a PublicDomainRegis[...]166.62.28.102 (- United States)
2016-03-29 12:53Distribution SiteLocky
divyabooks.com
NET 4 INDIA LIMITED207.174.215.236 (- United States)
2016-03-29 12:49Botnet C&CTorrentLocker
freemooon.org
Registrar of Domain Names REG.RU[...] (n/a)
2016-03-29 12:45Payment SiteTorrentLocker
3qbyaoohkcqkzrz6.torcommunity.ch
(n/a)
2016-03-29 12:19Distribution SiteLocky
importtoys.nl
Nines B.V.213.171.133.87 (- Netherlands)
2016-03-29 12:19Distribution SiteLocky
yorkshirecyclecompany.com
LCN.COM LTD.212.38.162.150 (- United Kingdom)
2016-03-29 12:19Distribution SiteLocky
ora.life
GoDaddy.com, LLC42.117.1.248 (- Vietnam)
2016-03-29 12:19Distribution SiteLocky
viki-s.com
PDR LTD. D/B/A PUBLICDOMAINREGIS[...]95.85.12.149 (- Netherlands)
2016-03-29 12:18Distribution SiteLocky
eclipsehotels.com
DOMAIN.COM, LLC96.125.185.100 (- Canada)
2016-03-29 11:59Botnet C&CLocky
185.75.46.4
185.75.46.4 (- Russian Federation)
2016-03-29 11:44Botnet C&CLocky
83.217.8.127
83.217.8.127 (- Russian Federation)
2016-03-29 10:58Distribution SiteLocky
workingcatstudios.com
GODADDY.COM, LLC184.168.139.1 (- United States)
2016-03-29 10:58Distribution SiteLocky
dukeplasticslab.com
GODADDY.COM, LLC (n/a)
2016-03-29 09:18Payment SiteTeslaCrypt
2bdfb.spinakrosa.at
(n/a)
2016-03-29 09:17Payment SiteTeslaCrypt
88fga.ketteaero.com
KEY-SYSTEMS GMBH216.218.135.114 (- United States)
2016-03-29 08:03Botnet C&CLocky
78.46.170.79
78.46.170.79 (- Germany)
2016-03-29 07:47Botnet C&CLocky
185.141.25.150
185.141.25.150 (- Romania)
2016-03-28 18:13Botnet C&CTeslaCrypt
holishit.in
GoDaddy.com, LLC (R101-AFIN)160.153.63.4 (- United States)
2016-03-28 15:22Botnet C&CLocky
92.63.87.134
92.63.87.134 (- Latvia)
2016-03-28 15:22Botnet C&CLocky
91.200.14.73
91.200.14.73 (- Ukraine)
2016-03-28 12:13Botnet C&CPayCrypt
livingbybuddhism.com
TUCOWS DOMAINS INC.103.6.198.132 (- Malaysia)
2016-03-28 12:13Botnet C&CPayCrypt
livingbybuddhism.com
TUCOWS DOMAINS INC.103.6.198.132 (- Malaysia)
2016-03-28 10:07Botnet C&CTeslaCrypt
minteee.com
KEY-SYSTEMS GMBH (n/a)
2016-03-28 02:54Botnet C&CLocky
84.19.170.249
84.19.170.249 (- Germany)
2016-03-27 17:37Botnet C&CLocky
185.117.72.94
185.117.72.94 (- Netherlands)
2016-03-27 17:37Botnet C&CLocky
176.31.47.100
176.31.47.100 (- France)
2016-03-27 10:55Botnet C&CTeslaCrypt
asianbooty.net
GODADDY.COM, LLC107.180.50.230 (- United States)
2016-03-27 09:39Distribution SiteLocky
empoweringinternationalministries.org
GoDaddy.com, LLC184.168.221.26 (- United States)
2016-03-27 09:38Distribution SiteLocky
www.farmastock.ru
RU-CENTER-RU178.210.64.73 (- Russian Federation)
2016-03-27 09:23Distribution SiteLocky
skyray.ie
80.111.16.114 (- Ireland)
2016-03-27 09:22Distribution SiteLocky
tigabersaudara.com
HOSTINGER UAB (n/a)
2016-03-27 09:22Distribution SiteLocky
mskphilly.org
GoDaddy.com, LLC184.168.47.225 (- United States)
2016-03-27 09:21Distribution SiteLocky
emprendamosjuntos.com
NEUBOX INTERNET SA DE CV52.204.129.22 (- United States) +1 A record(s) 54.85.127.70 (AS3900, - United States)
2016-03-27 09:21Distribution SiteLocky
famouscouponcodes.com
GODADDY.COM, LLC45.33.9.234 (- United States)
2016-03-27 09:21Distribution SiteLocky
catalog.olegran.com
TUCOWS DOMAINS INC. (n/a)
2016-03-27 09:20Distribution SiteLocky
enticemetwo.yzwebsite.com
GODADDY.COM, LLC (n/a)
2016-03-27 09:20Distribution SiteLocky
khacphucwifiyeu.com
ONLINENIC, INC. (n/a)
2016-03-27 09:20Distribution SiteLocky
kokalsportsco.com
ONLINENIC, INC. (n/a)
2016-03-27 09:19Distribution SiteLocky
barocchiautofficina.it
PLY-REG178.237.15.128 (- Italy)
2016-03-27 09:19Distribution SiteLocky
smenterprisesgroup.com
LAUNCHPAD.COM, INC.192.254.225.179 (- United States)
2016-03-27 09:19Distribution SiteLocky
miss-green.ru
NAUNET-RU146.185.243.134 (- Russian Federation)
2016-03-27 09:18Distribution SiteLocky
oktransport.eu
INTERNET CZ, a.s.81.2.195.73 (- Czech Republic)
2016-03-27 09:18Distribution SiteLocky
kutumobilya.com.tr
185.122.13.177 (- Turkey) +1 A record(s) 185.122.13.37 (AS42926, - Turkey)
2016-03-27 09:17Distribution SiteLocky
luroweb.sk
(n/a)
2016-03-27 09:17Distribution SiteLocky
golfenaccion.com
GODADDY.COM, LLC (n/a)
2016-03-26 11:16Botnet C&CLocky
89.108.84.132
89.108.84.132 (- Russian Federation)
2016-03-26 08:56Payment SiteTorrentLocker
3qbyaoohkcqkzrz6.tordoor.li
(n/a)
2016-03-26 08:46Botnet C&CTorrentLocker
redtable.biz
PDR LTD. D/B/A PUBLICDOMAINREGIS[...] (n/a)
2016-03-25 19:02Botnet C&CTeslaCrypt
www.affiliateproductes.com
GODADDY.COM, LLC107.180.4.124 (- United States)
2016-03-25 19:02Botnet C&CTeslaCrypt
strategicdisaster.info
Crazy Domains FZ-LLC192.186.197.161 (- United States)
2016-03-25 16:29Botnet C&CTeslaCrypt
affiliateproductes.com
GODADDY.COM, LLC107.180.4.124 (- United States)
2016-03-25 16:11Botnet C&CLocky
bwpegsfa.info
GoDaddy.com, LLC45.56.77.175 (- United States)
2016-03-25 11:48Botnet C&CLocky
xyhhuxa.be
101Domain, Inc.195.22.28.196 (- Portugal)
2016-03-25 11:48Botnet C&CLocky
swfqg.in
Enom Inc. (R46-AFIN)208.100.26.234 (- United States)
2016-03-25 10:54Botnet C&CLocky
uhgmnigjpf.biz
REGTIME LTD.93.170.104.127 (- Netherlands)
2016-03-25 10:54Botnet C&CLocky
hmndhdbscgru.pw
Dynadot LLC69.195.129.70 (- United States)
2016-03-25 08:29Payment SiteTeslaCrypt
uj5nj.onanwhit.com
KEY-SYSTEMS GMBH216.218.135.114 (- United States)
2016-03-25 08:27Payment SiteTeslaCrypt
2gdb4.leoraorage.at
(n/a)
2016-03-24 21:04Botnet C&CTeslaCrypt
videoaminproduktion.de
87.238.192.67 (- Germany)
2016-03-24 14:32Botnet C&CTeslaCrypt
mcgroupuae.com
GODADDY.COM, LLC166.62.28.147 (- United States)
2016-03-24 14:08Botnet C&CLocky
46.8.44.39
46.8.44.39 (- Russian Federation)
2016-03-24 11:14Distribution SiteTeslaCrypt
jeansowghsqq.com
KEY-SYSTEMS GMBH (n/a)
2016-03-24 11:02Botnet C&CTeslaCrypt
pilfingr.com
GODADDY.COM, LLC192.186.208.225 (- United States)
2016-03-24 10:35Payment SiteTorrentLocker
3qbyaoohkcqkzrz6.torgateway.li
(n/a)
2016-03-24 10:34Payment SiteTeslaCrypt
6g4ds.froekuge.com
KEY-SYSTEMS GMBH216.218.135.114 (- United States)
2016-03-24 10:21Payment SiteTeslaCrypt
9hrds.wolfcrap.at
(n/a)
2016-03-24 08:48Botnet C&CTeslaCrypt
setprosports.info
GoDaddy.com, LLC198.12.157.163 (- United States)
2016-03-24 08:45Botnet C&CTeslaCrypt
marvel-games.com
EVOPLUS LTD167.160.162.182 (- United States)
2016-03-24 08:20Distribution SiteLocky
missdionnemendez.com
PDR LTD. D/B/A PUBLICDOMAINREGIS[...]209.99.40.222 (- United States)
2016-03-23 17:01Botnet C&CLocky
217.12.218.158
217.12.218.158 (- Netherlands)
2016-03-23 15:23Distribution SiteLocky
ipekmodakaftan.com
FBS INC. (n/a)
2016-03-23 13:42Distribution SiteLocky
mgm88tv.com
NAME.COM, INC. (n/a)
2016-03-23 12:20Botnet C&CLocky
84.19.170.244
84.19.170.244 (- Germany)
2016-03-23 12:00Botnet C&CTeslaCrypt
samuday.org
GoDaddy.com, LLC50.31.14.17 (- United States)
2016-03-23 12:00Botnet C&CTeslaCrypt
maxmpl.com
BIGROCK SOLUTIONS LIMITED103.27.87.88 (- India)
2016-03-23 10:38Distribution SiteLocky
phukienchat.com.vn
(n/a)
2016-03-23 08:02Payment SiteLocky
32kl2rwsjvqjeui7.tor2web.org
Tucows Inc.185.100.85.150 (- Romania) +1 A record(s) 192.36.27.5 (AS60729, - Sweden)
2016-03-23 08:02Payment SiteLocky
32kl2rwsjvqjeui7.onion.cab
InterNetworX Ltd. & Co. KG62.138.11.6 (- Germany)
2016-03-23 08:02Payment SiteLocky
32kl2rwsjvqjeui7.onion.to
185.100.85.150 (- Romania) +1 A record(s) 192.36.27.5 (AS60729, - Sweden)
2016-03-23 07:43Payment SiteTeslaCrypt
vewrb.italisumo.at
(n/a)
2016-03-23 07:43Payment SiteTeslaCrypt
gwbak.nickymaru.com
KEY-SYSTEMS GMBH216.218.135.114 (- United States)
2016-03-22 17:17Botnet C&CTeslaCrypt
diwali2k15.in
Webiq Domains Solutions Pvt. Ltd[...]64.20.35.186 (- United States)
2016-03-22 15:32Distribution SiteTeslaCrypt
grandaareyoucc.asia
PDR Ltd. d/b/a PublicDomainRegis[...] (n/a)
2016-03-22 15:32Distribution SiteTeslaCrypt
grandaareyoucc.asia
PDR Ltd. d/b/a PublicDomainRegis[...] (n/a)
2016-03-22 15:32Distribution SiteTeslaCrypt
grandaareyoucc.asia
PDR Ltd. d/b/a PublicDomainRegis[...] (n/a)
2016-03-22 15:32Distribution SiteTeslaCrypt
grandaareyoucc.asia
PDR Ltd. d/b/a PublicDomainRegis[...] (n/a)
2016-03-22 15:32Distribution SiteTeslaCrypt
isityouereqq.com
KEY-SYSTEMS GMBH (n/a)

# of rows displayed: 100
# of entries in database: 12'877

Page 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 >