Tracker

Ransomware Tracker to distinguishes between the following threats:

Each entry in Ransomware Tracker is tagged to a threat and a malware. Currently, the following Ransomware families are tracked:

New submissions for Ransomware Tracker are warmly welcome. You can send new additions to rt-RintANel@abuse.ch (remove all letters in uppercase). Malware binaries that you suspect to be associated with a certain Ransomware family can be send to rt-malwSOareM@abuse.ch (remove all letters in uppercase) for analysis.

Search

You can search for a host or URL using the following search form:

Set a filter for the list below

Below is a list of Ransomware botnet C&C servers tracked by Ransomware Tracker. You have the possibility to filter the list below using certain pre-defined filters shown below.

General filters: Remove filter (Show all) | Online hosts
Filter by threat: Botnet C&Cs | Payment Sites | Distribution Sites
Filter by malware: TeslaCrypt | CryptoWall | TorrentLocker | PadCrypt | Locky | CTB-Locker | FAKBEN | PayCrypt | DMALocker | Cerber | Sage

Dateadded (UTC)ThreatMalwareHost (?Domain name or IP address used by the Ransomware. The leading dots (Red, Green, Grey) indicate whether the Host is active or not.

Red = Online
Green = Offline
Grey = Unknown
)
Domain Registrar (?In some cases Ransomware Tracker is not able to determine the sponsoring Registrar of a domain name. Thats either because the Registry does not reveal this information in the whois or because the Registry doesn't offer a whois service.)IP address (ASN, Country)
2016-03-17 23:57Botnet C&CCryptoWall
bolizarsospos.com
GoDaddy.com, LLC195.157.15.100 (- United Kingdom)
2016-03-17 23:57Botnet C&CCryptoWall
bolizarsospos.com
GoDaddy.com, LLC195.157.15.100 (- United Kingdom)
2016-03-17 23:57Botnet C&CCryptoWall
bolizarsospos.com
GoDaddy.com, LLC195.157.15.100 (- United Kingdom)
2016-03-17 23:57Botnet C&CCryptoWall
bolizarsospos.com
GoDaddy.com, LLC195.157.15.100 (- United Kingdom)
2016-03-17 23:57Botnet C&CCryptoWall
bolizarsospos.com
GoDaddy.com, LLC195.157.15.100 (- United Kingdom)
2016-03-17 23:57Botnet C&CCryptoWall
bolizarsospos.com
GoDaddy.com, LLC195.157.15.100 (- United Kingdom)
2016-03-17 23:57Botnet C&CCryptoWall
bolizarsospos.com
GoDaddy.com, LLC195.157.15.100 (- United Kingdom)
2016-03-17 23:57Botnet C&CCryptoWall
bolizarsospos.com
GoDaddy.com, LLC195.157.15.100 (- United Kingdom)
2016-03-17 23:57Botnet C&CCryptoWall
bolizarsospos.com
GoDaddy.com, LLC195.157.15.100 (- United Kingdom)
2016-03-17 23:57Botnet C&CCryptoWall
bolizarsospos.com
GoDaddy.com, LLC195.157.15.100 (- United Kingdom)
2016-03-17 23:57Botnet C&CCryptoWall
bolizarsospos.com
GoDaddy.com, LLC195.157.15.100 (- United Kingdom)
2016-03-17 23:57Botnet C&CCryptoWall
bolizarsospos.com
GoDaddy.com, LLC195.157.15.100 (- United Kingdom)
2016-03-17 23:57Botnet C&CCryptoWall
bolizarsospos.com
GoDaddy.com, LLC195.157.15.100 (- United Kingdom)
2016-03-17 23:57Botnet C&CCryptoWall
bolizarsospos.com
GoDaddy.com, LLC195.157.15.100 (- United Kingdom)
2016-03-17 23:57Botnet C&CCryptoWall
bolizarsospos.com
GoDaddy.com, LLC195.157.15.100 (- United Kingdom)
2016-03-17 23:57Botnet C&CCryptoWall
bolizarsospos.com
GoDaddy.com, LLC195.157.15.100 (- United Kingdom)
2016-03-17 23:57Botnet C&CCryptoWall
bolizarsospos.com
GoDaddy.com, LLC195.157.15.100 (- United Kingdom)
2016-03-17 23:57Botnet C&CCryptoWall
bolizarsospos.com
GoDaddy.com, LLC195.157.15.100 (- United Kingdom)
2016-03-17 23:57Botnet C&CCryptoWall
bolizarsospos.com
GoDaddy.com, LLC195.157.15.100 (- United Kingdom)
2016-03-17 23:57Botnet C&CCryptoWall
bolizarsospos.com
GoDaddy.com, LLC195.157.15.100 (- United Kingdom)
2016-03-17 23:57Botnet C&CCryptoWall
bolizarsospos.com
GoDaddy.com, LLC195.157.15.100 (- United Kingdom)
2016-03-17 23:57Botnet C&CCryptoWall
bolizarsospos.com
GoDaddy.com, LLC195.157.15.100 (- United Kingdom)
2016-03-17 23:57Botnet C&CCryptoWall
bolizarsospos.com
GoDaddy.com, LLC195.157.15.100 (- United Kingdom)
2016-03-17 23:57Botnet C&CCryptoWall
bolizarsospos.com
GoDaddy.com, LLC195.157.15.100 (- United Kingdom)
2016-03-17 23:57Botnet C&CCryptoWall
bolizarsospos.com
GoDaddy.com, LLC195.157.15.100 (- United Kingdom)
2016-03-17 18:22Botnet C&CLocky
plfbvdrpvsm.pw
Namecheap208.100.26.234 (- United States)
2016-03-17 07:14Botnet C&CTeslaCrypt
shampooherbal.com
NAME.COM, INC. (n/a)
2016-03-16 23:48Botnet C&CTeslaCrypt
joshsawyerdesign.com
GODADDY.COM, LLC107.180.4.11 (- United States)
2016-03-16 16:31Botnet C&CLocky
51.254.181.122
51.254.181.122 (- France)
2016-03-16 14:19Botnet C&CTeslaCrypt
hmgame.net
WEB COMMERCE COMMUNICATIONS LIMI[...] (n/a)
2016-03-16 13:57Payment SiteTorrentLocker
3qbyaoohkcqkzrz6.bestxprice.ch
(n/a)
2016-03-16 13:56Payment SiteTorrentLocker
3qbyaoohkcqkzrz6.livecamshow.ch
(n/a)
2016-03-16 13:53Payment SiteTorrentLocker
3qbyaoohkcqkzrz6.tormaster.fr
1API GmbH (n/a)
2016-03-16 13:43Botnet C&CLocky
51.255.107.8
51.255.107.8 (- France)
2016-03-16 13:28Botnet C&CTeslaCrypt
marketathart.com
CRAZY DOMAINS FZ-LLC192.185.35.88 (- United States)
2016-03-16 13:13Botnet C&CLocky
91.195.12.187
91.195.12.187 (- Ukraine)
2016-03-16 12:47Payment SiteTorrentLocker
3qbyaoohkcqkzrz6.torstation.li
(n/a)
2016-03-16 12:38Botnet C&CTorrentLocker
dumberg.org
Registrar of Domain Names REG.RU[...] (n/a)
2016-03-16 10:21Botnet C&CCTB-Locker
beedqybvjehzlud5.tor2web.org
Tucows Inc.194.150.168.70 (- Germany)
2016-03-16 10:17Botnet C&CTeslaCrypt
esbook.com
ENOM, INC. (n/a)
2016-03-16 09:57Payment SiteTeslaCrypt
kkr4hbwdklf234bfl84uoqleflqwrfqwuelfh.brazabaya.com
KEY-SYSTEMS GMBH216.218.135.114 (- United States)
2016-03-16 07:30Botnet C&CTeslaCrypt
prodocument.co.uk
GoDaddy.com, LLP.67.23.226.169 (- United States)
2016-03-16 07:29Payment SiteTorrentLocker
3qbyaoohkcqkzrz6.torgate.es
(n/a)
2016-03-15 20:07Botnet C&CLocky
188.127.231.116
188.127.231.116 (- Russian Federation)
2016-03-15 17:14Botnet C&CLocky
37.139.27.52
37.139.27.52 (- Netherlands)
2016-03-15 14:30Distribution SiteLocky
hppl.net
PDR LTD. D/B/A PUBLICDOMAINREGIS[...]207.148.248.143 (- United States)
2016-03-15 14:30Distribution SiteLocky
glslindia.com
PDR LTD. D/B/A PUBLICDOMAINREGIS[...]98.131.204.1 (- United States)
2016-03-15 14:29Distribution SiteLocky
gargsons.com
PDR LTD. D/B/A PUBLICDOMAINREGIS[...]98.131.204.1 (- United States)
2016-03-15 14:29Distribution SiteLocky
flaxxup.com
PDR LTD. D/B/A PUBLICDOMAINREGIS[...]98.131.204.1 (- United States)
2016-03-15 14:29Distribution SiteLocky
demo.essarinfotech.net
GODADDY.COM, LLC98.131.204.1 (- United States)
2016-03-15 14:29Distribution SiteLocky
creditwallet.net
GODADDY.COM, LLC184.168.221.3 (- United States)
2016-03-15 14:28Distribution SiteLocky
c001456.aaa.ididp.com
XIN NET TECHNOLOGY CORPORATION47.91.139.156 (- United States)
2016-03-15 14:28Distribution SiteLocky
alumaxgroup.in
Webiq Domains Solutions Pvt. Ltd[...]98.131.204.1 (- United States)
2016-03-15 14:26Distribution SiteLocky
aimsande.com
PDR LTD. D/B/A PUBLICDOMAINREGIS[...]98.131.204.1 (- United States)
2016-03-15 13:29Payment SiteTorrentLocker
3qbyaoohkcqkzrz6.torplanet.eu
eNom, Inc (n/a)
2016-03-15 12:43Botnet C&CLocky
51.255.107.10
51.255.107.10 (- France)
2016-03-15 11:43Botnet C&CTeslaCrypt
esbook.com
ENOM, INC. (n/a)
2016-03-15 08:11Botnet C&CTeslaCrypt
nlhomegarden.com
GODADDY.COM, LLC107.180.50.210 (- United States)
2016-03-15 07:51Botnet C&CTeslaCrypt
emmy2015.com
GODADDY.COM, LLC107.180.50.183 (- United States)
2016-03-15 07:38Distribution SiteTeslaCrypt
imgointoeatnowcc.com
WEB COMMERCE COMMUNICATIONS LIMI[...] (n/a)
2016-03-15 07:38Distribution SiteTeslaCrypt
imgointoeatnowcc.com
WEB COMMERCE COMMUNICATIONS LIMI[...] (n/a)
2016-03-15 07:38Distribution SiteTeslaCrypt
giveitalltheresqq.com
KEY-SYSTEMS GMBH (n/a)
2016-03-15 07:38Distribution SiteTeslaCrypt
giveitalltheresqq.com
KEY-SYSTEMS GMBH (n/a)
2016-03-14 15:40Botnet C&CTeslaCrypt
kel52.com
1&1 INTERNET SE108.167.141.20 (- United States)
2016-03-14 15:21Distribution SiteTeslaCrypt
washitallawayff.com
WEB COMMERCE COMMUNICATIONS LIMI[...] (n/a)
2016-03-14 15:21Distribution SiteTeslaCrypt
giveitallhereqq.com
KEY-SYSTEMS GMBH (n/a)
2016-03-14 09:16Distribution SiteTeslaCrypt
ohelloguyff.com
WEB COMMERCE COMMUNICATIONS LIMI[...] (n/a)
2016-03-14 09:15Distribution SiteTeslaCrypt
bonjovijonqq.com
KEY-SYSTEMS GMBH (n/a)
2016-03-14 07:49Payment SiteTeslaCrypt
974gfbjhb23hbfkyfaby3byqlyuebvly5q254y.mendilobo.com
KEY-SYSTEMS GMBH216.218.135.114 (- United States)
2016-03-14 07:42Payment SiteTeslaCrypt
a64gfdsjhb4htbiwaysbdvukyft5q.zobodine.at
(n/a)
2016-03-14 07:35Distribution SiteTeslaCrypt
ohelloguyqq.com
KEY-SYSTEMS GMBH (n/a)
2016-03-14 07:35Distribution SiteTeslaCrypt
ohelloguymyff.com
WEB COMMERCE COMMUNICATIONS LIMI[...] (n/a)
2016-03-14 07:35Distribution SiteTeslaCrypt
ohelloguyzzqq.com
KEY-SYSTEMS GMBH (n/a)
2016-03-14 07:35Distribution SiteTeslaCrypt
howisittomorrowff.com
WEB COMMERCE COMMUNICATIONS LIMI[...] (n/a)
2016-03-14 07:34Distribution SiteTeslaCrypt
bonjovijonqq.com
KEY-SYSTEMS GMBH (n/a)
2016-03-14 06:34Botnet C&CTeslaCrypt
198.1.95.93
(n/a)
2016-03-12 23:23Botnet C&CPayCrypt
neyenirneicilir.com
NICS TELEKOMUNIKASYON TICARET LT[...]94.73.150.190 (- Turkey)
2016-03-12 20:09Botnet C&CPayCrypt
promedia.co.in
GoDaddy.com, LLC (R101-AFIN)192.185.21.126 (- United States)
2016-03-12 10:21Botnet C&CTeslaCrypt
controlfreaknetworks.com
GODADDY.COM, LLC97.74.249.1 (- United States)
2016-03-12 09:43Botnet C&CCryptoWall
oregonreversemortgage.com
NAMEPAL.COM, LLC198.143.138.43 (- United States)
2016-03-12 09:43Botnet C&CCryptoWall
jambola.com
123-REG LIMITED208.109.189.88 (- United States)
2016-03-12 09:23Botnet C&CTeslaCrypt
shirongfeng.cn
浙江贰贰网络有限公司103.254.148.121 (- Hong Kong)
2016-03-11 21:48Botnet C&CLocky
91.234.32.192
91.234.32.192 (- Ukraine)
2016-03-11 19:35Botnet C&CLocky
91.219.30.254
91.219.30.254 (- Ukraine)
2016-03-11 13:41Botnet C&CLocky
31.184.196.75
31.184.196.75 (- Russian Federation)
2016-03-11 13:41Botnet C&CTeslaCrypt
sappmtraining.com
GODADDY.COM, LLC (n/a)
2016-03-11 13:04Payment SiteTeslaCrypt
bfd45u8ehdklrfqwlhbhjbgqw.niptana.at
(n/a)
2016-03-11 10:52Distribution SiteLocky
www.momstav.com
CSL COMPUTER SERVICE LANGENBACH [...]178.217.244.11 (- Czech Republic)
2016-03-11 10:52Distribution SiteLocky
galit-law.co.il
62.219.197.70 (- Israel)
2016-03-11 10:51Distribution SiteLocky
peterdickem.com
WILD WEST DOMAINS, LLC (n/a)
2016-03-11 10:51Distribution SiteLocky
nobilitas.cz
REG-STABLE88.86.120.181 (- Czech Republic)
2016-03-11 10:51Distribution SiteLocky
50.28.211.199
(n/a)
2016-03-11 10:51Distribution SiteLocky
nro.gov.sd
(n/a)
2016-03-11 10:20Distribution SiteLocky
ghayatv.com
DOMAIN.COM, LLC (n/a)
2016-03-11 10:13Distribution SiteTeslaCrypt
mommycantakeff.com
WEB COMMERCE COMMUNICATIONS LIMI[...] (n/a)
2016-03-11 10:13Distribution SiteTeslaCrypt
mommycantakeff.com
WEB COMMERCE COMMUNICATIONS LIMI[...] (n/a)
2016-03-11 10:12Distribution SiteTeslaCrypt
hellomississmithqq.com
KEY-SYSTEMS GMBH (n/a)
2016-03-11 10:12Distribution SiteTeslaCrypt
hellomississmithqq.com
KEY-SYSTEMS GMBH (n/a)
2016-03-11 08:58Payment SiteTeslaCrypt
kh5jfnvkk5twerfnku5twuilrnglnuw45yhlw.vealsithe.com
KEY-SYSTEMS GMBH216.218.135.114 (- United States)
2016-03-11 06:52Botnet C&CTeslaCrypt
vtechshop.net
GODADDY.COM, LLC203.124.115.1 (- Singapore)

# of rows displayed: 100
# of entries in database: 12'974

Page 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 >