Tracker

Ransomware Tracker to distinguishes between the following threats:

Each entry in Ransomware Tracker is tagged to a threat and a malware. Currently, the following Ransomware families are tracked:

New submissions for Ransomware Tracker are warmly welcome. You can send new additions to rt-RintANel@abuse.ch (remove all letters in uppercase). Malware binaries that you suspect to be associated with a certain Ransomware family can be send to rt-malwSOareM@abuse.ch (remove all letters in uppercase) for analysis.

Search

You can search for a host or URL using the following search form:

Set a filter for the list below

Below is a list of Ransomware botnet C&C servers tracked by Ransomware Tracker. You have the possibility to filter the list below using certain pre-defined filters shown below.

General filters: Remove filter (Show all) | Online hosts
Filter by threat: Botnet C&Cs | Payment Sites | Distribution Sites
Filter by malware: TeslaCrypt | CryptoWall | TorrentLocker | PadCrypt | Locky | CTB-Locker | FAKBEN | PayCrypt | DMALocker | Cerber | Sage

Dateadded (UTC)ThreatMalwareHost (?Domain name or IP address used by the Ransomware. The leading dots (Red, Green, Grey) indicate whether the Host is active or not.

Red = Online
Green = Offline
Grey = Unknown
)
Domain Registrar (?In some cases Ransomware Tracker is not able to determine the sponsoring Registrar of a domain name. Thats either because the Registry does not reveal this information in the whois or because the Registry doesn't offer a whois service.)IP address (ASN, Country)
2016-03-08 15:38Botnet C&CLocky
89.108.85.163
89.108.85.163 (- Russian Federation)
2016-03-08 15:34Botnet C&CLocky
149.154.157.14
149.154.157.14 (- Italy)
2016-03-08 13:55Distribution SiteLocky
51457642.de.strato-hosting.eu
STRATO AG81.169.145.153 (- Germany)
2016-03-08 13:55Distribution SiteLocky
het-havenhuis.nl
Hosting2GO B.V. (n/a)
2016-03-08 13:55Distribution SiteLocky
kokoko.himegimi.jp
112.140.42.29 (- Japan)
2016-03-08 13:55Distribution SiteLocky
lahmar.choukri.perso.neuf.fr
Société Française du Radioté[...]86.65.123.70 (- France)
2016-03-08 13:55Distribution SiteLocky
ministerepuissancejesus.com
DYNADOT, LLC (n/a)
2016-03-08 13:55Distribution SiteLocky
ozono.org.es
212.227.247.216 (- Germany)
2016-03-08 13:55Distribution SiteLocky
www.vtipnetriko.cz
REG-MEDIA4WEB95.80.214.221 (- Czech Republic)
2016-03-08 11:58Payment SiteTorrentLocker
rzss2zfue73dfvmj.onlinerpgame.ch
(n/a)
2016-03-08 08:05Distribution SiteTeslaCrypt
greetingsjamajcaff.com
WEB COMMERCE COMMUNICATIONS LIMI[...] (n/a)
2016-03-08 08:04Distribution SiteTeslaCrypt
greetingsjamajcaff.com
WEB COMMERCE COMMUNICATIONS LIMI[...] (n/a)
2016-03-08 08:04Payment SiteTeslaCrypt
t54ndnku456ngkwsudqer.wallymac.com
KEY-SYSTEMS GMBH216.218.135.114 (- United States)
2016-03-08 08:03Payment SiteTeslaCrypt
hrfgd74nfksjdcnnklnwefvdsf.materdunst.com
KEY-SYSTEMS GMBH216.218.135.114 (- United States)
2016-03-08 08:02Distribution SiteTeslaCrypt
greetingsjamajcaff.com
WEB COMMERCE COMMUNICATIONS LIMI[...] (n/a)
2016-03-08 08:01Distribution SiteTeslaCrypt
hellomisterbiznesqq.com
KEY-SYSTEMS GMBH (n/a)
2016-03-08 07:52Botnet C&CTorrentLocker
ghdeg.com
REGISTRAR OF DOMAIN NAMES REG.RU[...]45.33.9.234 (- United States)
2016-03-08 07:39Botnet C&CTorrentLocker
gfjhfg.com
REGISTRAR OF DOMAIN NAMES REG.RU[...] (n/a)
2016-03-08 07:37Botnet C&CTorrentLocker
geriky.org
Registrar of Domain Names REG.RU[...] (n/a)
2016-03-08 07:23Botnet C&CTeslaCrypt
drcordoba.com
GODADDY.COM, LLC50.62.125.1 (- United States)
2016-03-08 07:19Botnet C&CLocky
192.121.16.196
192.121.16.196 (- Netherlands)
2016-03-08 06:58Botnet C&CTeslaCrypt
iheartshop.net
CV. RUMAHWEB INDONESIA128.199.187.47 (- Singapore)
2016-03-08 02:39Botnet C&CLocky
glhxgchhfemcjgr.pw
101Domain, Inc.195.22.28.197 (- Portugal)
2016-03-07 21:15Botnet C&CTeslaCrypt
csucanuevo.csuca.org
Gandi SAS186.151.199.5 (- Guatemala)
2016-03-07 15:38Botnet C&CLocky
185.92.220.35
185.92.220.35 (- Netherlands)
2016-03-07 15:24Payment SiteTorrentLocker
vrvis6ndra5jeggj.livewargaming.ch
1API GmbH (n/a)
2016-03-07 15:14Payment SiteTorrentLocker
vrvis6ndra5jeggj.livegaming.ch
1API GmbH (n/a)
2016-03-07 14:47Botnet C&CTorrentLocker
fhgetyh.com
REGISTRAR OF DOMAIN NAMES REG.RU[...] (n/a)
2016-03-07 14:47Botnet C&CTeslaCrypt
newculturemediablog.com
GODADDY.COM, LLC50.63.50.75 (- United States)
2016-03-07 13:56Distribution SiteLocky
www.souqaqonline.com
FASTDOMAIN, INC.50.87.248.65 (- United States)
2016-03-07 13:56Distribution SiteLocky
www.promumedical.com
DREAMHOST, LLC69.163.217.25 (- United States)
2016-03-07 13:56Distribution SiteLocky
texfibre.eu
OnlineNIC Inc50.87.33.215 (- United States)
2016-03-07 13:56Distribution SiteLocky
surprise.co.in
GoDaddy.com, LLC (R101-AFIN)138.201.126.124 (- Germany)
2016-03-07 13:56Distribution SiteLocky
sub4.gustoitalia.ru
RU-CENTER-RU (n/a)
2016-03-07 13:56Distribution SiteLocky
shapes.com.pk
50.87.248.127 (- United States)
2016-03-07 13:56Distribution SiteLocky
scs-smesi.ru
REGRU-RU (n/a)
2016-03-07 13:56Distribution SiteLocky
ptunited.net
GODADDY.COM, LLC203.124.116.1 (- Singapore)
2016-03-07 13:56Distribution SiteLocky
lightsroom.ru
REGRU-RU (n/a)
2016-03-07 13:56Distribution SiteLocky
kievelectric.kiev.ua
ua.gransy77.87.192.214 (- Ukraine)
2016-03-07 13:56Distribution SiteLocky
kiddyshop.kiev.ua
ua.gransy (n/a)
2016-03-07 13:55Distribution SiteLocky
jldoptics.com
GUANGDONG JINWANBANG TECHNOLOGY [...]47.52.21.175 (- Canada)
2016-03-07 13:55Distribution SiteLocky
fibrefamily.ru
REGRU-RU37.140.192.177 (- Russian Federation)
2016-03-07 13:55Distribution SiteLocky
dsignshop.com.au
GoDaddy.com, LLC203.124.103.1 (- Singapore)
2016-03-07 13:55Distribution SiteLocky
azshop24.com.vn
103.42.56.170 (- Vietnam)
2016-03-07 13:55Distribution SiteLocky
alexkote.ru
REGRU-RU31.31.196.55 (- Russian Federation)
2016-03-07 13:55Distribution SiteLocky
aqarhits.com
WILD WEST DOMAINS, LLC (n/a)
2016-03-07 13:39Botnet C&CTeslaCrypt
saludaonline.com
GODADDY.COM, LLC184.168.53.1 (- United States)
2016-03-07 12:45Payment SiteTeslaCrypt
w6bfg4hahn5bfnlsafgchkvg5fwsfvrt.hareuna.at
(n/a)
2016-03-07 12:45Payment SiteTeslaCrypt
po4dbsjbneljhrlbvaueqrgveatv.bonmawp.at
(n/a)
2016-03-07 12:28Payment SiteTeslaCrypt
u54bbnhf354fbkh254tbkhjbgy8258gnkwerg.tahaplap.com
BIZCN.COM, INC.184.105.192.2 (- United States)
2016-03-07 12:27Distribution SiteTeslaCrypt
howareyouqq.com
KEY-SYSTEMS GMBH (n/a)
2016-03-07 12:27Distribution SiteTeslaCrypt
howareyouqq.com
KEY-SYSTEMS GMBH (n/a)
2016-03-07 12:26Distribution SiteTeslaCrypt
hellomisterbiznesqq.com
KEY-SYSTEMS GMBH (n/a)
2016-03-07 12:26Distribution SiteTeslaCrypt
hellomisterbiznesqq.com
KEY-SYSTEMS GMBH (n/a)
2016-03-07 11:38Botnet C&CLocky
46.108.39.18
46.108.39.18 (- Romania)
2016-03-07 11:38Botnet C&CLocky
109.237.111.168
109.237.111.168 (- Russian Federation)
2016-03-07 09:27Botnet C&CLocky
212.47.223.19
212.47.223.19 (- Estonia)
2016-03-07 09:22Distribution SiteTeslaCrypt
hellomydearqq.com
KEY-SYSTEMS GMBH (n/a)
2016-03-07 09:22Distribution SiteTeslaCrypt
hellomydearqq.com
KEY-SYSTEMS GMBH (n/a)
2016-03-07 09:22Distribution SiteTeslaCrypt
blablaworldqq.com
KEY-SYSTEMS GMBH (n/a)
2016-03-07 06:34Distribution SiteTeslaCrypt
mafianeedsyouqq.com
KEY-SYSTEMS GMBH (n/a)
2016-03-07 06:34Distribution SiteTeslaCrypt
mafianeedsyouqq.com
KEY-SYSTEMS GMBH (n/a)
2016-03-07 06:34Distribution SiteTeslaCrypt
mafianeedsyouqq.com
KEY-SYSTEMS GMBH (n/a)
2016-03-07 06:34Distribution SiteTeslaCrypt
mafianeedsyouqq.com
KEY-SYSTEMS GMBH (n/a)
2016-03-07 06:34Distribution SiteTeslaCrypt
mafianeedsyouqq.com
KEY-SYSTEMS GMBH (n/a)
2016-03-07 06:34Distribution SiteTeslaCrypt
mafianeedsyouqq.com
KEY-SYSTEMS GMBH (n/a)
2016-03-07 06:34Distribution SiteTeslaCrypt
mafianeedsyouqq.com
KEY-SYSTEMS GMBH (n/a)
2016-03-07 06:34Distribution SiteTeslaCrypt
mafianeedsyouqq.com
KEY-SYSTEMS GMBH (n/a)
2016-03-07 06:34Distribution SiteTeslaCrypt
mafianeedsyouqq.com
KEY-SYSTEMS GMBH (n/a)
2016-03-07 06:34Distribution SiteTeslaCrypt
mafianeedsyouqq.com
KEY-SYSTEMS GMBH (n/a)
2016-03-07 06:34Distribution SiteTeslaCrypt
mafianeedsyouqq.com
KEY-SYSTEMS GMBH (n/a)
2016-03-07 06:34Distribution SiteTeslaCrypt
mafianeedsyouqq.com
KEY-SYSTEMS GMBH (n/a)
2016-03-07 06:34Distribution SiteTeslaCrypt
mafianeedsyouqq.com
KEY-SYSTEMS GMBH (n/a)
2016-03-07 06:34Distribution SiteTeslaCrypt
mafianeedsyouqq.com
KEY-SYSTEMS GMBH (n/a)
2016-03-07 06:34Distribution SiteTeslaCrypt
mafianeedsyouqq.com
KEY-SYSTEMS GMBH (n/a)
2016-03-07 06:33Distribution SiteTeslaCrypt
mafianeedsyouqq.com
KEY-SYSTEMS GMBH (n/a)
2016-03-07 06:33Distribution SiteTeslaCrypt
mafianeedsyouqq.com
KEY-SYSTEMS GMBH (n/a)
2016-03-07 06:33Distribution SiteTeslaCrypt
mafianeedsyouqq.com
KEY-SYSTEMS GMBH (n/a)
2016-03-07 06:33Distribution SiteTeslaCrypt
mafianeedsyouqq.com
KEY-SYSTEMS GMBH (n/a)
2016-03-07 06:33Distribution SiteTeslaCrypt
mafianeedsyouqq.com
KEY-SYSTEMS GMBH (n/a)
2016-03-07 06:33Distribution SiteTeslaCrypt
mafianeedsyouqq.com
KEY-SYSTEMS GMBH (n/a)
2016-03-07 06:33Distribution SiteTeslaCrypt
mafianeedsyouqq.com
KEY-SYSTEMS GMBH (n/a)
2016-03-07 06:32Distribution SiteTeslaCrypt
itsyourtimeqq.su
R01-REG-FID (n/a)
2016-03-07 06:32Distribution SiteTeslaCrypt
itsyourtimeqq.su
R01-REG-FID (n/a)
2016-03-07 06:32Distribution SiteTeslaCrypt
itsyourtimeqq.su
R01-REG-FID (n/a)
2016-03-07 06:32Distribution SiteTeslaCrypt
itsyourtimeqq.su
R01-REG-FID (n/a)
2016-03-07 06:32Distribution SiteTeslaCrypt
itsyourtimeqq.su
R01-REG-FID (n/a)
2016-03-07 06:32Distribution SiteTeslaCrypt
itsyourtimeqq.su
R01-REG-FID (n/a)
2016-03-07 06:32Distribution SiteTeslaCrypt
itsyourtimeqq.su
R01-REG-FID (n/a)
2016-03-07 06:32Distribution SiteTeslaCrypt
itsyourtimeqq.su
R01-REG-FID (n/a)
2016-03-07 06:32Distribution SiteTeslaCrypt
itsyourtimeqq.su
R01-REG-FID (n/a)
2016-03-07 06:31Distribution SiteTeslaCrypt
itsyourtimeqq.su
R01-REG-FID (n/a)
2016-03-07 06:31Distribution SiteTeslaCrypt
itsyourtimeqq.su
R01-REG-FID (n/a)
2016-03-07 06:31Distribution SiteTeslaCrypt
itsyourtimeqq.su
R01-REG-FID (n/a)
2016-03-07 06:31Distribution SiteTeslaCrypt
itsyourtimeqq.su
R01-REG-FID (n/a)
2016-03-07 06:31Distribution SiteTeslaCrypt
itsyourtimeqq.su
R01-REG-FID (n/a)
2016-03-07 06:31Distribution SiteTeslaCrypt
itsyourtimeqq.su
R01-REG-FID (n/a)
2016-03-07 06:31Distribution SiteTeslaCrypt
itsyourtimeqq.su
R01-REG-FID (n/a)
2016-03-07 06:31Distribution SiteTeslaCrypt
itsyourtimeqq.su
R01-REG-FID (n/a)
2016-03-07 06:31Distribution SiteTeslaCrypt
itsyourtimeqq.su
R01-REG-FID (n/a)

# of rows displayed: 100
# of entries in database: 12'829

Page 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 >