Tracker

Ransomware Tracker to distinguishes between the following threats:

Each entry in Ransomware Tracker is tagged to a threat and a malware. Currently, the following Ransomware families are tracked:

New submissions for Ransomware Tracker are warmly welcome. You can send new additions to rt-RintANel@abuse.ch (remove all letters in uppercase). Malware binaries that you suspect to be associated with a certain Ransomware family can be send to rt-malwSOareM@abuse.ch (remove all letters in uppercase) for analysis.

Search

You can search for a host or URL using the following search form:

Set a filter for the list below

Below is a list of Ransomware botnet C&C servers tracked by Ransomware Tracker. You have the possibility to filter the list below using certain pre-defined filters shown below.

General filters: Remove filter (Show all) | Online hosts
Filter by threat: Botnet C&Cs | Payment Sites | Distribution Sites
Filter by malware: TeslaCrypt | CryptoWall | TorrentLocker | PadCrypt | Locky | CTB-Locker | FAKBEN | PayCrypt | DMALocker | Cerber

Dateadded (UTC)ThreatMalwareHost (?Domain name or IP address used by the Ransomware. The leading dots (Red, Green, Grey) indicate whether the Host is active or not.

Red = Online
Green = Offline
Grey = Unknown
)
Domain Registrar (?In some cases Ransomware Tracker is not able to determine the sponsoring Registrar of a domain name. Thats either because the Registry does not reveal this information in the whois or because the Registry doesn't offer a whois service.)IP address (ASN, Country)
2016-10-25 14:53Distribution SiteLocky
codefinder.co
TUCOWS DOMAINS INC. (n/a)
2016-10-25 14:53Distribution SiteLocky
beaumontschool.com
TUCOWS DOMAINS INC.79.170.44.113 (- United Kingdom)
2016-10-25 14:53Distribution SiteLocky
greenresist.com
GODADDY.COM, LLC192.254.137.5 (- United States)
2016-10-25 14:53Distribution SiteLocky
informing.asia
GoDaddy.com, LLC R45-ASIA (146)74.220.215.75 (- United States)
2016-10-25 14:53Distribution SiteLocky
69.162.74.116
n/a
2016-10-25 14:53Distribution SiteLocky
www.jockytours.com
LAUNCHPAD.COM, INC.192.185.34.61 (- United States)
2016-10-25 14:52Distribution SiteLocky
uatsa.cl
186.67.177.212 (- Chile)
2016-10-25 14:52Distribution SiteLocky
vicampro.com
WEB4AFRICA INC169.255.59.10 (- South Africa)
2016-10-25 14:52Distribution SiteLocky
www.ifs-b.org
eNom, Inc.198.54.120.18 (- United States)
2016-10-25 14:52Distribution SiteLocky
angelwap.ro
NAV COMMUNICATIONS SRL (n/a)
2016-10-25 14:52Distribution SiteLocky
elitednadt.com
GODADDY.COM, LLC198.54.115.8 (- United States)
2016-10-25 14:51Distribution SiteLocky
216.104.188.249
n/a
2016-10-25 14:51Distribution SiteLocky
cultural-ecology.com
TUCOWS DOMAINS INC.50.87.249.117 (- United States)
2016-10-25 14:51Distribution SiteLocky
faisal-ibrahim.info
Cloud Group Limited131.153.6.123 (- United States)
2016-10-25 14:51Distribution SiteLocky
103.27.52.92
n/a
2016-10-25 14:51Distribution SiteLocky
tacunair.com
TUCOWS DOMAINS INC.101.50.1.29 (- Indonesia)
2016-10-25 14:50Distribution SiteLocky
mahendradesai.net
FASTDOMAIN, INC.66.147.244.113 (- United States)
2016-10-25 14:50Distribution SiteLocky
www.russwat.org
PDR Ltd. d/b/a PublicDomainRegis[...]131.153.38.170 (- United States)
2016-10-25 14:50Distribution SiteLocky
dziennikarze.lo-kolaczyce.pl
Consulting Service Sp. z o.o.85.128.210.30 (- Poland)
2016-10-25 14:50Distribution SiteLocky
www.fireballindia.com
PDR LTD. D/B/A PUBLICDOMAINREGIS[...]192.185.102.12 (- United States)
2016-10-25 14:50Distribution SiteLocky
njykvalve.com
XIAMEN CHINASOURCE INTERNET SERV[...]116.255.212.5 (- China)
2016-10-25 14:50Distribution SiteLocky
dreamtheatre.co
GODADDY.COM, INC.91.197.230.235 (- United Kingdom)
2016-10-25 14:50Distribution SiteLocky
megapowercash.com
GODADDY.COM, LLC107.180.47.13 (- United States)
2016-10-25 14:49Distribution SiteLocky
dev.indonesiatextile.id
(n/a)
2016-10-25 14:49Distribution SiteLocky
fpi-canada.com
ENOM, INC.198.54.116.164 (- United States)
2016-10-25 14:49Distribution SiteLocky
soulanimtech.com
GODADDY.COM, LLC192.185.189.96 (- United States)
2016-10-25 14:49Distribution SiteLocky
privatestashstorage.com
FASTDOMAIN, INC. (n/a)
2016-10-25 14:49Distribution SiteLocky
emreker.com
PDR LTD. D/B/A PUBLICDOMAINREGIS[...] (n/a)
2016-10-25 07:20Payment SiteCerber
ahuqfrqk54v3vnzj.kj3f52.bid
Eranet International Limited (n/a)
2016-10-25 01:08Botnet C&CLocky
fqtdrnqmeofknd.biz
DYNADOT LLC69.195.129.70 (- United States)
2016-10-24 19:43Payment SiteCerber
ahuqfrqk54v3vnzj.h4lu4i.bid
Eranet International Limited (n/a)
2016-10-24 19:00Payment SiteCerber
vyohacxzoue32vvk.7a07br.bid
Eranet International Limited (n/a)
2016-10-24 11:52Payment SiteCerber
lfdachijzuwx4bc4.zreknv.bid
Eranet International Limited (n/a)
2016-10-24 10:40Distribution SiteLocky
omnibusiness-solutions.com
ENOM, INC.74.124.210.121 (- United States)
2016-10-24 10:40Distribution SiteLocky
sowkinah.com
KEY-SYSTEMS GMBH (n/a)
2016-10-24 06:05Payment SiteCerber
ahuqfrqk54v3vnzj.l7g2sv.bid
Eranet International Limited (n/a)
2016-10-24 05:49Botnet C&CLocky
bwcfinnt.work
Namecheap208.100.26.234 (- United States)
2016-10-24 05:43Payment SiteCerber
lfdachijzuwx4bc4.twyjdx.bid
Eranet International Limited (n/a)
2016-10-24 05:27Payment SiteCerber
lfdachijzuwx4bc4.e6cf2t.bid
Eranet International Limited (n/a)
2016-10-23 21:31Payment SiteCerber
vyohacxzoue32vvk.zn90h4.bid
Eranet International Limited (n/a)
2016-10-23 12:20Payment SiteCerber
lfdachijzuwx4bc4.w4629d.top
Eranet International Limited (n/a)
2016-10-23 10:05Botnet C&CLocky
185.102.136.77
185.102.136.77 (- Russian Federation)
2016-10-23 06:50Botnet C&CCryptoWall
chong.joelle.free.fr
ONLINE SAS212.27.63.110 (- France)
2016-10-23 02:36Payment SiteCerber
xrhwryizf5mui7a5.jhrb5a.top
Eranet International Limited (n/a)
2016-10-22 01:36Payment SiteCerber
lfdachijzuwx4bc4.tx0igu.bid
Eranet International Limited (n/a)
2016-10-21 11:37Payment SiteCerber
lfdachijzuwx4bc4.le2brr.bid
Eranet International Limited (n/a)
2016-10-21 07:23Payment SiteCerber
ffoqr3ug7m726zou.8uvtsg.top
Eranet International Limited (n/a)
2016-10-20 13:48Payment SiteCerber
lfdachijzuwx4bc4.u9fcji.bid
Eranet International Limited (n/a)
2016-10-20 13:37Botnet C&CLocky
91.200.14.124
91.200.14.124 (- Ukraine)
2016-10-20 08:54Payment SiteCerber
xrhwryizf5mui7a5.uw9x7z.bid
Eranet International Limited (n/a)
2016-10-19 23:26Payment SiteCerber
xrhwryizf5mui7a5.50mb1c.bid
Eranet International Limited (n/a)
2016-10-19 23:14Payment SiteCerber
lfdachijzuwx4bc4.8dlgyg.bid
Eranet International Limited (n/a)
2016-10-19 21:51Payment SiteCerber
vyohacxzoue32vvk.8g1k17.bid
Eranet International Limited (n/a)
2016-10-19 17:50Payment SiteCerber
lfdachijzuwx4bc4.eujvrw.bid
Eranet International Limited (n/a)
2016-10-19 15:47Payment SiteCerber
lfdachijzuwx4bc4.m7f27y.bid
Eranet International Limited (n/a)
2016-10-19 15:27Payment SiteCerber
lfdachijzuwx4bc4.ex9n9v.top
Eranet International Limited (n/a)
2016-10-18 11:18Payment SiteCerber
unocl45trpuoefft.ukwnvw.bid
Eranet International Limited (n/a)
2016-10-18 01:37Payment SiteCerber
lfdachijzuwx4bc4.x4tk5c.bid
Eranet International Limited (n/a)
2016-10-17 12:57Payment SiteCerber
vyohacxzoue32vvk.7jrv53.bid
Eranet International Limited (n/a)
2016-10-16 21:24Botnet C&CLocky
wrubyjtvqhxaqkh.pw
Namecheap208.100.26.234 (- United States)
2016-10-15 23:55Payment SiteCerber
xrhwryizf5mui7a5.djintc.bid
Eranet International Limited (n/a)
2016-10-15 21:24Payment SiteCerber
ffoqr3ug7m726zou.ukswcu.bid
Eranet International Limited (n/a)
2016-10-15 16:42Payment SiteCerber
ahuqfrqk54v3vnzj.x90yk1.bid
Eranet International Limited (n/a)
2016-10-15 00:08Botnet C&CLocky
185.46.11.73
185.46.11.73 (- Russian Federation)
2016-10-14 22:12Payment SiteCerber
vyohacxzoue32vvk.axu3u8.bid
Eranet International Limited (n/a)
2016-10-14 10:40Payment SiteCerber
wjtqjleommc4z46i.7hu6og.bid
Eranet International Limited (n/a)
2016-10-13 08:49Payment SiteCerber
ffoqr3ug7m726zou.u9fcji.bid
Eranet International Limited (n/a)
2016-10-13 06:44Payment SiteCerber
ahuqfrqk54v3vnzj.v5neyw.bid
Eranet International Limited (n/a)
2016-10-13 06:32Payment SiteCerber
ffoqr3ug7m726zou.hajw7w.bid
Eranet International Limited (n/a)
2016-10-12 16:16Payment SiteCerber
ahuqfrqk54v3vnzj.zn90h4.bid
Eranet International Limited (n/a)
2016-10-12 11:53Payment SiteCerber
wjtqjleommc4z46i.9sellg.bid
Eranet International Limited (n/a)
2016-10-11 20:51Payment SiteCerber
ahuqfrqk54v3vnzj.xs2xeh.bid
Eranet International Limited (n/a)
2016-10-11 20:49Payment SiteCerber
ahuqfrqk54v3vnzj.u9fcji.bid
Eranet International Limited (n/a)
2016-10-11 19:58Botnet C&CLocky
137.74.46.46
137.74.46.46 (- Hong Kong)
2016-10-11 09:39Payment SiteCerber
lfdachijzuwx4bc4.fwzxnb.bid
Eranet International Limited (n/a)
2016-10-11 09:32Payment SiteCerber
ahuqfrqk54v3vnzj.6avw2a.bid
Eranet International Limited (n/a)
2016-10-11 00:30Payment SiteCerber
ahuqfrqk54v3vnzj.i81wik.bid
Eranet International Limited (n/a)
2016-10-10 23:20Payment SiteCerber
ffoqr3ug7m726zou.yv3uwa.bid
Eranet International Limited (n/a)
2016-10-10 22:57Payment SiteCerber
lfdachijzuwx4bc4.ev99l6.bid
Eranet International Limited (n/a)
2016-10-10 22:41Payment SiteCerber
ffoqr3ug7m726zou.l4dlll.bid
Eranet International Limited (n/a)
2016-10-10 22:32Payment SiteCerber
ffoqr3ug7m726zou.le6611.bid
Eranet International Limited (n/a)
2016-10-10 15:37Payment SiteCerber
lfdachijzuwx4bc4.0ndl3j.bid
Eranet International Limited (n/a)
2016-10-10 11:48Payment SiteCerber
ffoqr3ug7m726zou.sg9lxh.bid
Eranet International Limited (n/a)
2016-10-10 07:07Payment SiteCerber
ahuqfrqk54v3vnzj.uzeb6r.bid
Eranet International Limited (n/a)
2016-10-10 01:54Payment SiteCerber
wjtqjleommc4z46i.y7603i.bid
Eranet International Limited (n/a)
2016-10-10 00:24Payment SiteCerber
ahuqfrqk54v3vnzj.g4dc5s.bid
Eranet International Limited (n/a)
2016-10-09 19:33Payment SiteCerber
ffoqr3ug7m726zou.zio9yg.bid
Eranet International Limited (n/a)
2016-10-09 16:12Payment SiteCerber
ffoqr3ug7m726zou.i4ucg2.bid
Eranet International Limited (n/a)
2016-10-09 11:43Payment SiteCerber
52uo5k3t73ypjije.8rxv74.bid
Eranet International Limited (n/a)
2016-10-08 10:58Botnet C&CLocky
185.75.46.122
185.75.46.122 (- Russian Federation)
2016-10-08 04:56Payment SiteCerber
52uo5k3t73ypjije.e32d1o.bid
Eranet International Limited (n/a)
2016-10-07 20:34Payment SiteCerber
ahuqfrqk54v3vnzj.sg9lxh.bid
Eranet International Limited (n/a)
2016-10-07 19:44Payment SiteCerber
ahuqfrqk54v3vnzj.n3oyw7.bid
Eranet International Limited (n/a)
2016-10-07 18:02Payment SiteCerber
52uo5k3t73ypjije.gmnjz7.bid
Eranet International Limited (n/a)
2016-10-07 11:25Payment SiteCerber
52uo5k3t73ypjije.hossy3.bid
Eranet International Limited (n/a)
2016-10-07 09:14Distribution SiteLocky
xixiaxianggua.com
BIZCN.COM, INC.122.114.130.183 (- China)
2016-10-07 09:07Payment SiteTorrentLocker
4w5wihkwyhsav2ha.dreamtest.at
(n/a)
2016-10-07 05:27Distribution SiteLocky
misicka.com
GODADDY.COM, LLC129.121.17.217 (- United States)
2016-10-07 05:24Distribution SiteLocky
bj-fzwb.com
SHANGHAI YOVOLE NETWORKS INC. (n/a)
2016-10-07 05:23Distribution SiteLocky
caihongemc.com
WEST263 INTERNATIONAL LIMITED (n/a)

# of rows displayed: 100
# of entries in database: 9'211

Page 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 >