Tracker

Ransomware Tracker to distinguishes between the following threats:

Each entry in Ransomware Tracker is tagged to a threat and a malware. Currently, the following Ransomware families are tracked:

New submissions for Ransomware Tracker are warmly welcome. You can send new additions to rt-RintANel@abuse.ch (remove all letters in uppercase). Malware binaries that you suspect to be associated with a certain Ransomware family can be send to rt-malwSOareM@abuse.ch (remove all letters in uppercase) for analysis.

Search

You can search for a host or URL using the following search form:

Set a filter for the list below

Below is a list of Ransomware botnet C&C servers tracked by Ransomware Tracker. You have the possibility to filter the list below using certain pre-defined filters shown below.

General filters: Remove filter (Show all) | Online hosts
Filter by threat: Botnet C&Cs | Payment Sites | Distribution Sites
Filter by malware: TeslaCrypt | CryptoWall | TorrentLocker | PadCrypt | Locky | CTB-Locker | FAKBEN | PayCrypt | DMALocker | Cerber

Dateadded (UTC)ThreatMalwareHost (?Domain name or IP address used by the Ransomware. The leading dots (Red, Green, Grey) indicate whether the Host is active or not.

Red = Online
Green = Offline
Grey = Unknown
)
Domain Registrar (?In some cases Ransomware Tracker is not able to determine the sponsoring Registrar of a domain name. Thats either because the Registry does not reveal this information in the whois or because the Registry doesn't offer a whois service.)IP address (ASN, Country)
2016-07-11 02:13Payment SiteCerber
27lelchgcvs2wpm7.asd3r3.top
Eranet International Limited (n/a)
2016-07-11 01:57Payment SiteCerber
pmenboeqhyrpvomq.xneyvm.top
Eranet International Limited (n/a)
2016-07-11 01:57Payment SiteCerber
52uo5k3t73ypjije.ie7t8k.top
Eranet International Limited (n/a)
2016-07-11 00:57Payment SiteCerber
pmenboeqhyrpvomq.58na23.top
Eranet International Limited (n/a)
2016-07-10 22:05Payment SiteCerber
27lelchgcvs2wpm7.fm0cga.top
Eranet International Limited (n/a)
2016-07-10 21:12Payment SiteCerber
pmenboeqhyrpvomq.self56.top
Eranet International Limited (n/a)
2016-07-10 14:05Payment SiteCerber
4kqd3hmqgptupi3p.adevf4.top
Eranet International Limited (n/a)
2016-07-10 09:31Payment SiteCerber
27lelchgcvs2wpm7.wins4n.win
Eranet International Limited (n/a)
2016-07-10 08:28Payment SiteCerber
27lelchgcvs2wpm7.xkfi59.top
Eranet International Limited (n/a)
2016-07-10 00:06Payment SiteCerber
pmenboeqhyrpvomq.cmri58.top
Eranet International Limited (n/a)
2016-07-09 03:11Payment SiteCerber
4kqd3hmqgptupi3p.wins4n.top
Eranet International Limited (n/a)
2016-07-09 01:55Payment SiteCerber
27lelchgcvs2wpm7.rt4e34.win
Eranet International Limited (n/a)
2016-07-08 13:23Distribution SiteLocky
www.johnsonfashion.com.tw
HINET13.113.153.59 (- United States) +1 A record(s) 52.198.26.8 (AS16509, - Japan)
2016-07-08 13:23Distribution SiteLocky
expertsreunis.com
REGISTER.IT SPA81.88.57.68 (- Italy)
2016-07-08 13:23Distribution SiteLocky
advempresarial.com
GODADDY.COM, LLC69.49.115.40 (- United States)
2016-07-08 12:28Distribution SiteLocky
psiaekipa.com
ENOM, INC.94.23.89.100 (- Poland)
2016-07-08 12:00Distribution SiteLocky
sasakisummers.com
GODADDY.COM, LLC64.29.151.221 (- United States)
2016-07-08 11:30Distribution SiteLocky
hero-ny.org
DomainPeople, Inc. (n/a)
2016-07-08 10:52Distribution SiteLocky
satinfuntaboo.com
GODADDY.COM, LLC185.72.157.174 (- United States)
2016-07-08 10:05Distribution SiteLocky
felicecremesini.com
REGISTER.IT SPA195.110.124.133 (- Italy)
2016-07-08 10:04Distribution SiteLocky
themeidea.com
GODADDY.COM, LLC121.42.125.49 (- China)
2016-07-08 10:04Distribution SiteLocky
kurumenishimura.com
GMO INTERNET, INC. DBA ONAMAE.CO[...]153.122.16.1 (- Japan)
2016-07-08 10:04Distribution SiteLocky
manutenzionecarrier.com
REGISTER.IT SPA195.110.124.133 (- Italy)
2016-07-08 10:04Distribution SiteLocky
caijiachina.com
REGISTER.IT SPA (n/a)
2016-07-08 10:04Distribution SiteLocky
gebrauchtkauf.at
216.55.105.144 (- Canada)
2016-07-08 10:04Distribution SiteLocky
seferworld.com
NAME.COM, INC.74.220.199.8 (- United States)
2016-07-08 10:04Distribution SiteLocky
drpampe.com
DELUXE SMALL BUSINESS SALES, INC[...]64.29.151.221 (- United States)
2016-07-08 10:04Distribution SiteLocky
fermmedia.com
IHS TELEKOM, INC.94.73.147.68 (- Turkey)
2016-07-08 10:03Distribution SiteLocky
abschlepp-taxi24.at
81.169.145.72 (- Germany)
2016-07-07 22:32Payment SiteCerber
52uo5k3t73ypjije.to6maq.top
Eranet International Limited (n/a)
2016-07-07 22:00Botnet C&CPayCrypt
graund-a.com.ua
ua.ukraine185.68.16.115 (- Ukraine)
2016-07-07 22:00Payment SiteCerber
52uo5k3t73ypjije.fkgrie.top
Eranet International Limited (n/a)
2016-07-07 15:44Payment SiteCerber
27lelchgcvs2wpm7.adevf4.top
Eranet International Limited (n/a)
2016-07-07 14:05Distribution SiteLocky
academicbooks.co.za
129.232.228.74 (- South Africa)
2016-07-07 14:05Distribution SiteLocky
homahost.com
TUCOWS DOMAINS INC. (n/a)
2016-07-07 13:44Botnet C&CLocky
51.255.172.55
51.255.172.55 (- France)
2016-07-07 13:41Payment SiteCerber
52uo5k3t73ypjije.ti4wic.top
Eranet International Limited (n/a)
2016-07-07 12:18Distribution SiteLocky
takipediliyoruz.com
NICS TELEKOMUNIKASYON TIC LTD. S[...]188.138.57.70 (- Germany)
2016-07-07 12:18Distribution SiteLocky
balanaeguia.com
ARSYS INTERNET, S.L. D/B/A NICLI[...]217.76.132.162 (- Spain)
2016-07-07 12:17Distribution SiteLocky
think5c.com
TUCOWS DOMAINS INC. (n/a)
2016-07-07 11:36Distribution SiteLocky
orgelfestival.org
Register.IT SPA81.88.57.68 (- Italy)
2016-07-07 11:36Distribution SiteLocky
michael-taub.com
LCN.COM LTD. (n/a)
2016-07-07 11:36Distribution SiteLocky
graziellaboutique.com
REGISTER.IT SPA46.28.3.56 (- Italy)
2016-07-07 11:36Distribution SiteLocky
levinltd.com
TUCOWS DOMAINS INC.81.22.98.66 (- Turkey)
2016-07-07 11:36Distribution SiteLocky
canvilada.com
ARSYS INTERNET, S.L. D/B/A NICLI[...]217.76.132.161 (- Spain)
2016-07-07 11:36Distribution SiteLocky
lazercanta.com
GODADDY.COM, LLC45.33.9.234 (- United States)
2016-07-07 11:23Distribution SiteLocky
gordreid.com
ENOM, INC.64.151.202.242 (- Canada)
2016-07-07 11:23Distribution SiteLocky
something117.com
GMO INTERNET, INC. DBA ONAMAE.CO[...]125.206.125.198 (- Japan)
2016-07-07 11:23Distribution SiteLocky
comingtools.com
REGISTER.IT SPA195.110.124.188 (- Italy)
2016-07-07 11:23Distribution SiteLocky
eyejoeun.com
GABIA, INC. (n/a)
2016-07-07 11:22Distribution SiteLocky
serranocampos.com
DOMAIN.COM, LLC86.109.162.175 (- Spain)
2016-07-07 11:22Distribution SiteLocky
paulking.it
OMNIBUS-REG151.1.182.231 (- Italy)
2016-07-07 11:22Distribution SiteLocky
jennypestanita.com
REGISTER.IT SPA (n/a)
2016-07-07 11:11Payment SiteLocky
mphtadhci5mrdlju.onion.to
185.100.85.150 (- Romania) +1 A record(s) 192.36.27.5 (AS60729, - Sweden)
2016-07-07 08:28Payment SiteCerber
52uo5k3t73ypjije.skri59.top
Eranet International Limited (n/a)
2016-07-07 01:41Botnet C&CLocky
sgowntfjwkybawi.pw
Dotserve Inc192.42.116.41 (- Netherlands)
2016-07-06 23:23Botnet C&CLocky
148.163.73.29
148.163.73.29 (- United States)
2016-07-06 19:12Payment SiteTorrentLocker
mz7oyb3v32vshcvk.bidobject.li
(n/a)
2016-07-06 19:03Payment SiteCerber
cerberhhyed5frqa.sdfiso.win
Eranet International Limited (n/a)
2016-07-06 18:00Payment SiteCerber
pmenboeqhyrpvomq.li4loi.top
Eranet International Limited (n/a)
2016-07-06 10:17Payment SiteCerber
cerberhhyed5frqa.we34re.top
Eranet International Limited (n/a)
2016-07-05 14:58Payment SiteCerber
52uo5k3t73ypjije.red4is.top
Eranet International Limited (n/a)
2016-07-05 13:49Botnet C&CLocky
185.106.122.38
185.106.122.38 (- Romania)
2016-07-05 13:45Payment SiteTorrentLocker
mz7oyb3v32vshcvk.getstar.li
(n/a)
2016-07-05 13:06Payment SiteCerber
52uo5k3t73ypjije.495iru.top
Eranet International Limited (n/a)
2016-07-05 12:55Payment SiteCerber
52uo5k3t73ypjije.cmfkru.top
Eranet International Limited (n/a)
2016-07-05 11:48Botnet C&CLocky
xhrnfffaixawpuob.pw
Dotserve Inc192.42.116.41 (- Netherlands)
2016-07-05 11:00Payment SiteCerber
52uo5k3t73ypjije.lib2vi.top
Eranet International Limited (n/a)
2016-07-05 11:00Payment SiteCerber
52uo5k3t73ypjije.m5fgoi.top
Eranet International Limited (n/a)
2016-07-05 10:35Botnet C&CLocky
gccxqpuuylioxoip.pw
Dotserve Inc192.42.116.41 (- Netherlands)
2016-07-05 10:35Botnet C&CLocky
rbwubtpsyokqn.info
1API GmbH185.129.148.6 (- Latvia)
2016-07-05 10:23Payment SiteCerber
52uo5k3t73ypjije.dkriur.top
Eranet International Limited (n/a)
2016-07-05 10:06Payment SiteCerber
cerberhhyed5frqa.cmti5o.win
Eranet International Limited (n/a)
2016-07-04 22:45Payment SiteCerber
cerberhhyed5frqa.45kgok.win
Eranet International Limited (n/a)
2016-07-04 21:44Payment SiteCerber
cerberhhyed5frqa.ad34ft.win
Eranet International Limited (n/a)
2016-07-04 20:58Payment SiteCerber
cerberhhyed5frqa.werti4.win
Eranet International Limited (n/a)
2016-07-04 18:28Payment SiteCerber
cerberhhyed5frqa.m5gid4.top
Eranet International Limited (n/a)
2016-07-04 16:16Distribution SiteLocky
clear-sky.tk
BV Dot TK (n/a)
2016-07-04 06:06Payment SiteCerber
cerberhhyed5frqa.wewiso.win
Eranet International Limited (n/a)
2016-07-04 05:45Payment SiteCerber
cerberhhyed5frqa.lfotp5.top
Eranet International Limited (n/a)
2016-07-03 21:57Payment SiteCerber
cerberhhyed5frqa.sims6n.win
Eranet International Limited (n/a)
2016-07-03 20:05Payment SiteCerber
cerberhhyed5frqa.xtrvb4.win
Eranet International Limited (n/a)
2016-07-03 13:04Payment SiteCerber
cerberhhyed5frqa.cneo59.win
Eranet International Limited (n/a)
2016-07-03 12:20Payment SiteCerber
cerberhhyed5frqa.45gf4t.win
Eranet International Limited (n/a)
2016-07-03 09:31Payment SiteCerber
cerberhhyed5frqa.fgfid6.win
Eranet International Limited (n/a)
2016-07-01 19:01Payment SiteCerber
cerberhhyed5frqa.5kti58.win
Eranet International Limited (n/a)
2016-07-01 17:36Payment SiteCerber
cerberhhyed5frqa.m5gid4.win
Eranet International Limited (n/a)
2016-07-01 13:30Botnet C&CLocky
fnjyygovdjyemga.xyz
n/a
2016-07-01 01:33Payment SiteCerber
cerberhhyed5frqa.xmfu59.win
Eranet International Limited (n/a)
2016-06-30 19:00Payment SiteCerber
cerberhhyed5frqa.lib2vi.win
Eranet International Limited (n/a)
2016-06-30 13:26Payment SiteCerber
cerberhhyed5frqa.xo59ok.win
Eranet International Limited (n/a)
2016-06-30 11:13Payment SiteCerber
cerberhhyed5frqa.cmr95i.win
Eranet International Limited (n/a)
2016-06-30 03:56Payment SiteCerber
cerberhhyed5frqa.zgf48j.win
Eranet International Limited (n/a)
2016-06-30 01:52Payment SiteCerber
cerberhhyed5frqa.fkri48.win
Eranet International Limited (n/a)
2016-06-29 23:00Botnet C&CLocky
185.146.169.16
185.146.169.16 (- Russian Federation)
2016-06-29 23:00Botnet C&CLocky
193.9.28.254
193.9.28.254 (- United States)
2016-06-29 20:20Payment SiteCerber
cerberhhyed5frqa.cmr95i.top
Eranet International Limited (n/a)
2016-06-29 17:06Payment SiteCerber
cerberhhyed5frqa.kipfgs65s.com
BIZCN.COM, INC. (n/a)
2016-06-29 10:35Botnet C&CLocky
uvcmlfca.biz
DYNADOT LLC69.195.129.70 (- United States)
2016-06-29 10:35Botnet C&CLocky
wjfkoqueatxdmqw.biz
BIZCN.COM, INC.151.236.15.226 (- Germany)

# of rows displayed: 100
# of entries in database: 9'225

Page 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 >