Tracker

Ransomware Tracker to distinguishes between the following threats:

Each entry in Ransomware Tracker is tagged to a threat and a malware. Currently, the following Ransomware families are tracked:

New submissions for Ransomware Tracker are warmly welcome. You can send new additions to rt-RintANel@abuse.ch (remove all letters in uppercase). Malware binaries that you suspect to be associated with a certain Ransomware family can be send to rt-malwSOareM@abuse.ch (remove all letters in uppercase) for analysis.

Search

You can search for a host or URL using the following search form:

Set a filter for the list below

Below is a list of Ransomware botnet C&C servers tracked by Ransomware Tracker. You have the possibility to filter the list below using certain pre-defined filters shown below.

General filters: Remove filter (Show all) | Online hosts
Filter by threat: Botnet C&Cs | Payment Sites | Distribution Sites
Filter by malware: TeslaCrypt | CryptoWall | TorrentLocker | PadCrypt | Locky | CTB-Locker | FAKBEN | PayCrypt | DMALocker | Cerber | Sage

Dateadded (UTC)ThreatMalwareHost (?Domain name or IP address used by the Ransomware. The leading dots (Red, Green, Grey) indicate whether the Host is active or not.

Red = Online
Green = Offline
Grey = Unknown
)
Domain Registrar (?In some cases Ransomware Tracker is not able to determine the sponsoring Registrar of a domain name. Thats either because the Registry does not reveal this information in the whois or because the Registry doesn't offer a whois service.)IP address (ASN, Country)
2016-03-11 06:47Distribution SiteLocky
kaleofis.com
NICS TELEKOMUNIKASYON TICARET LT[...]69.64.35.2 (- United States)
2016-03-10 17:56Botnet C&CLocky
31.184.196.78
31.184.196.78 (- Russian Federation)
2016-03-10 15:54Botnet C&CTeslaCrypt
multibrandphone.com
1&1 INTERNET SE (n/a)
2016-03-10 13:36Payment SiteTeslaCrypt
irhng84nfaslbv243ljtblwqjrb.pinnafaon.at
(n/a)
2016-03-10 13:35Payment SiteTeslaCrypt
rbg4hfbilrf7to452p89hrfq.boonmower.com
KEY-SYSTEMS GMBH216.218.135.114 (- United States)
2016-03-10 12:32Botnet C&CTeslaCrypt
tele-channel.com
REALTIME REGISTER BV178.162.214.146 (- Germany)
2016-03-10 11:40Botnet C&CLocky
91.234.33.149
91.234.33.149 (- Ukraine)
2016-03-10 11:18Botnet C&CTorrentLocker
vitrok.org
Registrar of Domain Names REG.RU[...] (n/a)
2016-03-10 10:52Distribution SiteLocky
xn--b1afonddk2l.xn--p1ai
(n/a)
2016-03-10 10:51Distribution SiteLocky
ncrweb.in
Webiq Domains Solutions Pvt. Ltd[...]146.88.26.212 (- India)
2016-03-10 10:51Distribution SiteLocky
iwear.md
(n/a)
2016-03-10 10:50Distribution SiteLocky
fortyseven.com.ar
184.154.100.2 (- United States)
2016-03-10 10:50Distribution SiteLocky
fashion-boutique.com.ua
ua.nic185.65.245.177 (- Ukraine)
2016-03-10 06:39Botnet C&CCryptoWall
gibdd.ws
Regtime.net Ltd.178.208.83.11 (- Russian Federation)
2016-03-10 06:39Botnet C&CCryptoWall
anoukdelecluse.nl
Hosting2GO B.V.83.137.194.20 (- Netherlands)
2016-03-10 05:51Botnet C&CTeslaCrypt
specializedaccess.co.uk
Namesco Limited85.233.160.146 (- United Kingdom)
2016-03-09 20:39Botnet C&CLocky
151.236.14.51
151.236.14.51 (- Netherlands)
2016-03-09 19:25Botnet C&CLocky
egovrxvuspxck.be
101Domain, Inc.195.22.26.248 (- Portugal)
2016-03-09 19:25Botnet C&CLocky
bqbbsfdw.be
101Domain, Inc.195.22.28.199 (- Portugal)
2016-03-09 19:25Botnet C&CLocky
78.40.108.39
78.40.108.39 (- Kazakhstan)
2016-03-09 17:40Botnet C&CCryptoWall
marciogerhardtsouza.com.br
186.202.153.14 (- Brazil)
2016-03-09 16:23Botnet C&CTeslaCrypt
cam-itour.info
GoDaddy.com, LLC188.40.132.132 (- Germany)
2016-03-09 16:23Botnet C&CTeslaCrypt
ahlanmedicalcentre.com
GODADDY.COM, LLC184.168.47.225 (- United States)
2016-03-09 15:02Botnet C&CLocky
91.195.12.131
91.195.12.131 (- Ukraine)
2016-03-09 12:49Distribution SiteLocky
www.ekowen.sk
147.213.4.6 (- Slovakia)
2016-03-09 12:48Distribution SiteLocky
shofukai.web.fc2.com
INSTRA CORPORATION PTY, LTD.208.71.106.61 (- United States)
2016-03-09 12:48Distribution SiteLocky
saachi.co
GODADDY.COM, INC.184.168.221.54 (- United States)
2016-03-09 12:48Distribution SiteLocky
planetarchery.com.au
TPP Wholesale Pty Ltd103.240.88.28 (- Australia)
2016-03-09 12:47Distribution SiteLocky
myonlinedeals.pk
146.185.16.123 (- United Kingdom)
2016-03-09 12:47Distribution SiteLocky
hipnotixx.com
123-REG LIMITED (n/a)
2016-03-09 12:47Distribution SiteLocky
ari-ev.com
TUCOWS DOMAINS INC. (n/a)
2016-03-09 12:47Distribution SiteLocky
nguoitieudungthongthai.com
ONLINENIC, INC.112.213.89.162 (- Vietnam)
2016-03-09 12:46Distribution SiteLocky
ihsanind.com
PDR LTD. D/B/A PUBLICDOMAINREGIS[...]209.99.40.222 (- United States)
2016-03-09 12:06Botnet C&CTorrentLocker
sfasdik.com
REGISTRAR OF DOMAIN NAMES REG.RU[...] (n/a)
2016-03-09 11:56Botnet C&CLocky
37.235.53.18
37.235.53.18 (- Spain)
2016-03-09 10:01Botnet C&CTorrentLocker
vizkore.biz
PDR LTD. D/B/A PUBLICDOMAINREGIS[...] (n/a)
2016-03-09 10:01Botnet C&CTorrentLocker
cerbyk.org
Registrar of Domain Names REG.RU[...] (n/a)
2016-03-09 10:00Botnet C&CTorrentLocker
hgdre.org
Registrar of Domain Names REG.RU[...] (n/a)
2016-03-09 07:51Botnet C&CTeslaCrypt
www.informaticauno.net
NETEARTH ONE INC. D/B/A NETEARTH (n/a)
2016-03-08 15:38Botnet C&CLocky
89.108.85.163
89.108.85.163 (- Russian Federation)
2016-03-08 15:34Botnet C&CLocky
149.154.157.14
149.154.157.14 (- Italy)
2016-03-08 13:55Distribution SiteLocky
51457642.de.strato-hosting.eu
STRATO AG81.169.145.153 (- Germany)
2016-03-08 13:55Distribution SiteLocky
het-havenhuis.nl
Hosting2GO B.V. (n/a)
2016-03-08 13:55Distribution SiteLocky
kokoko.himegimi.jp
112.140.42.29 (- Japan)
2016-03-08 13:55Distribution SiteLocky
lahmar.choukri.perso.neuf.fr
Société Française du Radioté[...]86.65.123.70 (- France)
2016-03-08 13:55Distribution SiteLocky
ministerepuissancejesus.com
DYNADOT, LLC (n/a)
2016-03-08 13:55Distribution SiteLocky
ozono.org.es
212.227.247.216 (- Germany)
2016-03-08 13:55Distribution SiteLocky
www.vtipnetriko.cz
REG-MEDIA4WEB95.80.214.221 (- Czech Republic)
2016-03-08 11:58Payment SiteTorrentLocker
rzss2zfue73dfvmj.onlinerpgame.ch
(n/a)
2016-03-08 08:05Distribution SiteTeslaCrypt
greetingsjamajcaff.com
WEB COMMERCE COMMUNICATIONS LIMI[...] (n/a)
2016-03-08 08:04Distribution SiteTeslaCrypt
greetingsjamajcaff.com
WEB COMMERCE COMMUNICATIONS LIMI[...] (n/a)
2016-03-08 08:04Payment SiteTeslaCrypt
t54ndnku456ngkwsudqer.wallymac.com
KEY-SYSTEMS GMBH216.218.135.114 (- United States)
2016-03-08 08:03Payment SiteTeslaCrypt
hrfgd74nfksjdcnnklnwefvdsf.materdunst.com
KEY-SYSTEMS GMBH216.218.135.114 (- United States)
2016-03-08 08:02Distribution SiteTeslaCrypt
greetingsjamajcaff.com
WEB COMMERCE COMMUNICATIONS LIMI[...] (n/a)
2016-03-08 08:01Distribution SiteTeslaCrypt
hellomisterbiznesqq.com
KEY-SYSTEMS GMBH (n/a)
2016-03-08 07:52Botnet C&CTorrentLocker
ghdeg.com
REGISTRAR OF DOMAIN NAMES REG.RU[...]45.33.9.234 (- United States)
2016-03-08 07:39Botnet C&CTorrentLocker
gfjhfg.com
REGISTRAR OF DOMAIN NAMES REG.RU[...] (n/a)
2016-03-08 07:37Botnet C&CTorrentLocker
geriky.org
Registrar of Domain Names REG.RU[...] (n/a)
2016-03-08 07:23Botnet C&CTeslaCrypt
drcordoba.com
GODADDY.COM, LLC50.62.125.1 (- United States)
2016-03-08 07:19Botnet C&CLocky
192.121.16.196
192.121.16.196 (- Netherlands)
2016-03-08 06:58Botnet C&CTeslaCrypt
iheartshop.net
CV. RUMAHWEB INDONESIA128.199.187.47 (- Singapore)
2016-03-08 02:39Botnet C&CLocky
glhxgchhfemcjgr.pw
101Domain, Inc.195.22.28.197 (- Portugal)
2016-03-07 21:15Botnet C&CTeslaCrypt
csucanuevo.csuca.org
Gandi SAS186.151.199.5 (- Guatemala)
2016-03-07 15:38Botnet C&CLocky
185.92.220.35
185.92.220.35 (- Netherlands)
2016-03-07 15:24Payment SiteTorrentLocker
vrvis6ndra5jeggj.livewargaming.ch
1API GmbH (n/a)
2016-03-07 15:14Payment SiteTorrentLocker
vrvis6ndra5jeggj.livegaming.ch
1API GmbH (n/a)
2016-03-07 14:47Botnet C&CTorrentLocker
fhgetyh.com
REGISTRAR OF DOMAIN NAMES REG.RU[...] (n/a)
2016-03-07 14:47Botnet C&CTeslaCrypt
newculturemediablog.com
GODADDY.COM, LLC50.63.50.75 (- United States)
2016-03-07 13:56Distribution SiteLocky
www.souqaqonline.com
FASTDOMAIN, INC.50.87.248.65 (- United States)
2016-03-07 13:56Distribution SiteLocky
www.promumedical.com
DREAMHOST, LLC69.163.217.25 (- United States)
2016-03-07 13:56Distribution SiteLocky
texfibre.eu
OnlineNIC Inc50.87.33.215 (- United States)
2016-03-07 13:56Distribution SiteLocky
surprise.co.in
GoDaddy.com, LLC (R101-AFIN)138.201.126.124 (- Germany)
2016-03-07 13:56Distribution SiteLocky
sub4.gustoitalia.ru
RU-CENTER-RU (n/a)
2016-03-07 13:56Distribution SiteLocky
shapes.com.pk
50.87.248.127 (- United States)
2016-03-07 13:56Distribution SiteLocky
scs-smesi.ru
REGRU-RU (n/a)
2016-03-07 13:56Distribution SiteLocky
ptunited.net
GODADDY.COM, LLC203.124.116.1 (- Singapore)
2016-03-07 13:56Distribution SiteLocky
lightsroom.ru
REGRU-RU (n/a)
2016-03-07 13:56Distribution SiteLocky
kievelectric.kiev.ua
ua.gransy77.87.192.214 (- Ukraine)
2016-03-07 13:56Distribution SiteLocky
kiddyshop.kiev.ua
ua.gransy (n/a)
2016-03-07 13:55Distribution SiteLocky
jldoptics.com
GUANGDONG JINWANBANG TECHNOLOGY [...]47.52.21.175 (- United States)
2016-03-07 13:55Distribution SiteLocky
fibrefamily.ru
REGRU-RU37.140.192.177 (- Russian Federation)
2016-03-07 13:55Distribution SiteLocky
dsignshop.com.au
GoDaddy.com, LLC203.124.103.1 (- Singapore)
2016-03-07 13:55Distribution SiteLocky
azshop24.com.vn
103.42.56.170 (- Vietnam)
2016-03-07 13:55Distribution SiteLocky
alexkote.ru
REGRU-RU31.31.196.55 (- Russian Federation)
2016-03-07 13:55Distribution SiteLocky
aqarhits.com
WILD WEST DOMAINS, LLC (n/a)
2016-03-07 13:39Botnet C&CTeslaCrypt
saludaonline.com
GODADDY.COM, LLC (n/a)
2016-03-07 12:45Payment SiteTeslaCrypt
w6bfg4hahn5bfnlsafgchkvg5fwsfvrt.hareuna.at
(n/a)
2016-03-07 12:45Payment SiteTeslaCrypt
po4dbsjbneljhrlbvaueqrgveatv.bonmawp.at
(n/a)
2016-03-07 12:28Payment SiteTeslaCrypt
u54bbnhf354fbkh254tbkhjbgy8258gnkwerg.tahaplap.com
BIZCN.COM, INC.184.105.192.2 (- United States)
2016-03-07 12:27Distribution SiteTeslaCrypt
howareyouqq.com
KEY-SYSTEMS GMBH (n/a)
2016-03-07 12:27Distribution SiteTeslaCrypt
howareyouqq.com
KEY-SYSTEMS GMBH (n/a)
2016-03-07 12:26Distribution SiteTeslaCrypt
hellomisterbiznesqq.com
KEY-SYSTEMS GMBH (n/a)
2016-03-07 12:26Distribution SiteTeslaCrypt
hellomisterbiznesqq.com
KEY-SYSTEMS GMBH (n/a)
2016-03-07 11:38Botnet C&CLocky
46.108.39.18
46.108.39.18 (- Romania)
2016-03-07 11:38Botnet C&CLocky
109.237.111.168
109.237.111.168 (- Russian Federation)
2016-03-07 09:27Botnet C&CLocky
212.47.223.19
212.47.223.19 (- Estonia)
2016-03-07 09:22Distribution SiteTeslaCrypt
hellomydearqq.com
KEY-SYSTEMS GMBH (n/a)
2016-03-07 09:22Distribution SiteTeslaCrypt
hellomydearqq.com
KEY-SYSTEMS GMBH (n/a)
2016-03-07 09:22Distribution SiteTeslaCrypt
blablaworldqq.com
KEY-SYSTEMS GMBH (n/a)
2016-03-07 06:34Distribution SiteTeslaCrypt
mafianeedsyouqq.com
KEY-SYSTEMS GMBH (n/a)

# of rows displayed: 100
# of entries in database: 12'974

Page 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 >