Tracker

Ransomware Tracker to distinguishes between the following threats:

Each entry in Ransomware Tracker is tagged to a threat and a malware. Currently, the following Ransomware families are tracked:

New submissions for Ransomware Tracker are warmly welcome. You can send new additions to rt-RintANel@abuse.ch (remove all letters in uppercase). Malware binaries that you suspect to be associated with a certain Ransomware family can be send to rt-malwSOareM@abuse.ch (remove all letters in uppercase) for analysis.

Search

You can search for a host or URL using the following search form:

Set a filter for the list below

Below is a list of Ransomware botnet C&C servers tracked by Ransomware Tracker. You have the possibility to filter the list below using certain pre-defined filters shown below.

General filters: Remove filter (Show all) | Online hosts
Filter by threat: Botnet C&Cs | Payment Sites | Distribution Sites
Filter by malware: TeslaCrypt | CryptoWall | TorrentLocker | PadCrypt | Locky | CTB-Locker | FAKBEN | PayCrypt | DMALocker | Cerber

Dateadded (UTC)ThreatMalwareHost (?Domain name or IP address used by the Ransomware. The leading dots (Red, Green, Grey) indicate whether the Host is active or not.

Red = Online
Green = Offline
Grey = Unknown
)
Domain Registrar (?In some cases Ransomware Tracker is not able to determine the sponsoring Registrar of a domain name. Thats either because the Registry does not reveal this information in the whois or because the Registry doesn't offer a whois service.)IP address (ASN, Country)
2016-11-30 19:16Payment SiteCerber
ffoqr3ug7m726zou.y9kxz2.bid
Eranet International Limited (n/a)
2016-11-30 18:12Payment SiteCerber
avsxrcoq2q5fgrw2.et7izd.top
Eranet International Limited (n/a)
2016-11-30 17:40Payment SiteCerber
xrhwryizf5mui7a5.rt01jw.top
Eranet International Limited (n/a)
2016-11-30 17:05Distribution SiteLocky
nekkel.pl
OVH SAS87.98.239.19 (- Poland)
2016-11-30 17:05Distribution SiteLocky
pdkapusany.sk
37.9.175.4 (- Slovakia)
2016-11-30 17:01Distribution SiteLocky
njhtpj.com
XIAMEN DOMAINS, INC. (n/a)
2016-11-30 17:00Distribution SiteLocky
ortus.com.mx
KIUBIX, S.A. de C.V.108.163.178.108 (- Canada)
2016-11-30 16:59Distribution SiteLocky
profit-group.sk
80.94.52.72 (- Slovakia)
2016-11-30 16:45Payment SiteCerber
pe2cku7pebkpgeko.ahovbr.top
Eranet International Limited (n/a)
2016-11-30 16:38Payment SiteCerber
avsxrcoq2q5fgrw2.y1fx4w.top
Eranet International Limited (n/a)
2016-11-30 13:27Payment SiteCerber
vyohacxzoue32vvk.mayrwf.top
Eranet International Limited (n/a)
2016-11-30 13:20Distribution SiteLocky
samaraorgsintez.ru
RU-CENTER-RU194.190.1.5 (- Russian Federation)
2016-11-30 13:20Distribution SiteLocky
samsebe.su
REGTIME-REG-FID (n/a)
2016-11-30 13:20Distribution SiteLocky
raycon.ph
203.119.6.36 (- Philippines)
2016-11-30 13:20Distribution SiteLocky
sanjustoshopping.com.ar
200.68.105.93 (- Argentina)
2016-11-30 13:20Distribution SiteLocky
rescuemed.ca
Tucows.com Co.216.138.226.110 (- Canada)
2016-11-30 13:19Distribution SiteLocky
sam4x4.com
ENOM, INC.198.54.126.121 (- United States)
2016-11-30 13:19Distribution SiteLocky
rnitechnology.com
TUCOWS DOMAINS INC.69.90.160.250 (- Canada)
2016-11-30 13:19Distribution SiteLocky
s88.vdl.pl
Consulting Service Sp. z o.o.85.17.227.88 (- Netherlands)
2016-11-30 13:19Distribution SiteLocky
rotanatravel.com
1&1 INTERNET SE74.208.223.237 (- United States)
2016-11-30 11:00Botnet C&CLocky
91.142.90.61
91.142.90.61 (- Russian Federation)
2016-11-30 10:57Botnet C&CLocky
95.213.195.123
95.213.195.123 (- Russian Federation)
2016-11-30 10:52Payment SiteCerber
avsxrcoq2q5fgrw2.5m2n7x.top
Eranet International Limited (n/a)
2016-11-30 10:11Payment SiteCerber
avsxrcoq2q5fgrw2.dgjpgy.top
Eranet International Limited (n/a)
2016-11-30 09:33Payment SiteCerber
vyohacxzoue32vvk.0ayn1s.top
Eranet International Limited (n/a)
2016-11-30 08:12Payment SiteCerber
avsxrcoq2q5fgrw2.lbxvhk.top
Eranet International Limited (n/a)
2016-11-30 08:11Payment SiteCerber
avsxrcoq2q5fgrw2.9c431m.bid
Eranet International Limited (n/a)
2016-11-29 22:37Payment SiteCerber
avsxrcoq2q5fgrw2.lxvmhm.top
Eranet International Limited (n/a)
2016-11-29 22:22Distribution SiteLocky
razborka-vigonka.ru
R01-RU81.177.135.122 (- Russian Federation)
2016-11-29 22:22Distribution SiteLocky
2012.rikschataxi.ch
217.26.54.17 (- Switzerland)
2016-11-29 22:22Distribution SiteLocky
sawadi.at
91.233.87.48 (- Germany)
2016-11-29 22:22Distribution SiteLocky
spunbaku.com
IP MIRROR PTE LTD. DBA IP MIRROR (n/a)
2016-11-29 19:28Payment SiteCerber
pe2cku7pebkpgeko.hclz73.top
Eranet International Limited (n/a)
2016-11-29 18:43Payment SiteCerber
ffoqr3ug7m726zou.jye7lt.top
Eranet International Limited (n/a)
2016-11-29 15:50Distribution SiteLocky
pokerjive.com
TUCOWS DOMAINS INC.89.187.85.68 (- United Kingdom)
2016-11-29 15:50Distribution SiteLocky
hongruilight.com
DOMAIN.COM, LLC122.114.86.198 (- China)
2016-11-29 15:49Distribution SiteLocky
palisandr38.ru
REGRU-RU178.62.245.121 (- Netherlands)
2016-11-29 15:49Distribution SiteLocky
radstedjazz.dk
93.191.155.234 (- Denmark)
2016-11-29 15:49Distribution SiteLocky
pdaconference.com
GODADDY.COM, LLC160.153.129.203 (- United States)
2016-11-29 15:49Distribution SiteLocky
pgringette.ca
Promo People Inc.69.28.199.160 (- Canada)
2016-11-29 15:49Distribution SiteLocky
movewithgrace.ca
Tucows.com Co.45.56.216.10 (- United States)
2016-11-29 15:48Distribution SiteLocky
netshot.co.uk
Mr Max Ramyar t/a Abel Internet78.33.15.234 (- United Kingdom)
2016-11-29 15:48Distribution SiteLocky
keshuimei.com
GODADDY.COM, LLC128.1.241.73 (- United States)
2016-11-29 15:48Distribution SiteLocky
notyou.ru
R01-RU89.111.176.87 (- Russian Federation)
2016-11-29 15:48Distribution SiteLocky
ourfrontline.com
GODADDY.COM, LLC23.229.140.54 (- United States)
2016-11-29 15:48Distribution SiteLocky
oakscardclub.com
NETWORK SOLUTIONS, LLC.208.80.5.231 (- United States)
2016-11-29 15:48Distribution SiteLocky
ijiyo.com
HICHINA ZHICHENG TECHNOLOGY LTD.139.196.252.15 (- China)
2016-11-29 15:47Distribution SiteLocky
lanchefacil.com
PDR LTD. D/B/A PUBLICDOMAINREGIS[...]67.23.238.154 (- United States)
2016-11-29 15:47Distribution SiteLocky
ozka.ro
Nexus Media SRL188.215.251.97 (- Romania)
2016-11-29 15:47Distribution SiteLocky
paynterroofing.com
DOMAINPEOPLE, INC.216.110.144.158 (- United States)
2016-11-29 15:46Distribution SiteLocky
ninjah47.home.pl
home.pl S.A.89.161.251.44 (- Poland)
2016-11-29 15:46Distribution SiteLocky
muongcaupo.net
KEY-SYSTEMS GMBH (n/a)
2016-11-29 15:46Distribution SiteLocky
mirofusion.com
TUCOWS DOMAINS INC.72.51.24.224 (- United States)
2016-11-29 15:46Distribution SiteLocky
interfacerh.ma
MTDS41.77.112.58 (- Morocco)
2016-11-29 15:46Distribution SiteLocky
kjdot.com
HICHINA ZHICHENG TECHNOLOGY LTD.115.28.221.203 (- China)
2016-11-29 15:45Distribution SiteLocky
palekar.com
TOTAL WEB SOLUTIONS LIMITED TRAD[...]91.109.14.192 (- United Kingdom)
2016-11-29 15:45Distribution SiteLocky
mmbeheer.nl
The Registrar Company B.V.178.19.114.59 (- Netherlands)
2016-11-29 15:45Distribution SiteLocky
jbec.kz
KAZNIC193.29.53.136 (- Kazakhstan)
2016-11-29 15:45Distribution SiteLocky
omrolsztyn.neostrada.pl
AZ.pl Sp. z o.o.217.97.216.17 (- Poland)
2016-11-29 15:45Distribution SiteLocky
portalmadureira.com
ENOM, INC.192.99.63.227 (- Canada)
2016-11-29 15:45Distribution SiteLocky
ponticulus.eu
Zitcom A/S94.231.103.93 (- Denmark)
2016-11-29 15:45Distribution SiteLocky
edemalucia.net
PAKNIC (PRIVATE) LIMITED (n/a)
2016-11-29 15:45Distribution SiteLocky
pathkids.com
TUCOWS DOMAINS INC.69.90.160.150 (- Canada)
2016-11-29 15:44Distribution SiteLocky
islandspirits.ca
Tucows.com Co.67.223.100.2 (- Canada)
2016-11-29 15:44Distribution SiteLocky
haggyowser.com
PAKNIC (PRIVATE) LIMITED (n/a)
2016-11-29 15:44Distribution SiteLocky
kashimayunohana.jp
180.222.89.24 (- Japan)
2016-11-29 15:44Distribution SiteLocky
rent-guarantee-insurance.co.uk
Redcentric Solutions Ltd t/a Red[...]37.75.232.4 (- United Kingdom)
2016-11-29 15:44Distribution SiteLocky
guhrpaean.net
WEB COMMERCE COMMUNICATIONS LIMI[...] (n/a)
2016-11-29 15:44Distribution SiteLocky
liceuminbak.com
WHOISNETWORKS CO., LTD.61.14.209.163 (- Korea)
2016-11-29 15:43Distribution SiteLocky
tytswirl.com
IP MIRROR PTE LTD. DBA IP MIRROR (n/a)
2016-11-29 13:06Payment SiteCerber
ffoqr3ug7m726zou.kfymbh.top
Eranet International Limited (n/a)
2016-11-29 10:49Payment SiteCerber
avsxrcoq2q5fgrw2.rys9pj.top
Eranet International Limited (n/a)
2016-11-29 09:48Payment SiteCerber
avsxrcoq2q5fgrw2.yr1h37.top
Eranet International Limited (n/a)
2016-11-29 09:32Distribution SiteLocky
qiqi-store.com
GUANGDONG JINWANBANG TECHNOLOGY [...] (n/a)
2016-11-29 09:31Distribution SiteLocky
spookmedia.nl
Antagonist B.V.141.138.168.113 (- Netherlands)
2016-11-29 09:30Distribution SiteLocky
leyuego.com
HICHINA ZHICHENG TECHNOLOGY LTD.121.201.23.80 (- China)
2016-11-29 09:29Distribution SiteLocky
secotral.fr
NAMEBAY87.98.189.74 (- France)
2016-11-29 07:11Distribution SiteLocky
mashijiazu.net
CHENGDU WEST DIMENSION DIGITAL T[...]50.117.113.220 (- United States)
2016-11-29 07:10Distribution SiteLocky
hzxihe.com
BEIJING INNOVATIVE LINKAGE TECHN[...] (n/a)
2016-11-29 07:07Distribution SiteLocky
karens.com.au
Web Address Registration203.170.84.193 (- Australia)
2016-11-29 07:07Distribution SiteLocky
jimijunshi.com
CHENGDU WEST DIMENSION DIGITAL T[...]50.117.113.220 (- United States)
2016-11-29 07:06Distribution SiteLocky
faeryminny.net
WEB COMMERCE COMMUNICATIONS LIMI[...] (n/a)
2016-11-29 07:06Distribution SiteLocky
kuficflub.com
PAKNIC (PRIVATE) LIMITED (n/a)
2016-11-29 07:06Distribution SiteLocky
uzbakadore.net
KEY-SYSTEMS GMBH (n/a)
2016-11-29 07:06Distribution SiteLocky
ruggyhaven.com
IP MIRROR PTE LTD. DBA IP MIRROR (n/a)
2016-11-29 07:05Distribution SiteLocky
wharlslops.net
KEY-SYSTEMS GMBH (n/a)
2016-11-29 07:05Distribution SiteLocky
jaspercn.com
HICHINA ZHICHENG TECHNOLOGY LTD.60.169.78.247 (- China)
2016-11-29 06:14Distribution SiteLocky
erikaatop.net
KEY-SYSTEMS GMBH (n/a)
2016-11-29 06:14Distribution SiteLocky
qinglv999.com
HICHINA ZHICHENG TECHNOLOGY LTD. (n/a)
2016-11-29 06:13Distribution SiteLocky
ptnewstart.com
CHENGDU WEST DIMENSION DIGITAL T[...]50.117.113.220 (- United States)
2016-11-29 06:13Distribution SiteLocky
norpecas.pt
188.93.229.84 (- Portugal)
2016-11-29 05:55Payment SiteTorrentLocker
4w5wihkwyhsav2ha.fastdances.at
(n/a)
2016-11-29 05:29Payment SiteCerber
vyohacxzoue32vvk.o08ra6.top
Eranet International Limited (n/a)
2016-11-29 04:53Payment SiteCerber
avsxrcoq2q5fgrw2.h44l3d.bid
Eranet International Limited (n/a)
2016-11-29 00:15Payment SiteCerber
vyohacxzoue32vvk.3peyo3.bid
Eranet International Limited (n/a)
2016-11-28 23:32Payment SiteCerber
vyohacxzoue32vvk.dgjpgy.top
Eranet International Limited (n/a)
2016-11-28 19:10Payment SiteCerber
vyohacxzoue32vvk.3m370u.top
Eranet International Limited (n/a)
2016-11-28 17:21Payment SiteCerber
ftoxmpdipwobp4qy.lxvmhm.top
Eranet International Limited (n/a)
2016-11-28 15:21Payment SiteCerber
ffoqr3ug7m726zou.bdlvdy.top
Eranet International Limited (n/a)
2016-11-28 12:57Distribution SiteLocky
sagaoil.ro
ICI - ROTLD91.210.80.80 (- Romania)

# of rows displayed: 100
# of entries in database: 9'210

Page 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 >