Tracker

Ransomware Tracker to distinguishes between the following threats:

Each entry in Ransomware Tracker is tagged to a threat and a malware. Currently, the following Ransomware families are tracked:

New submissions for Ransomware Tracker are warmly welcome. You can send new additions to rt-RintANel@abuse.ch (remove all letters in uppercase). Malware binaries that you suspect to be associated with a certain Ransomware family can be send to rt-malwSOareM@abuse.ch (remove all letters in uppercase) for analysis.

Search

You can search for a host or URL using the following search form:

Set a filter for the list below

Below is a list of Ransomware botnet C&C servers tracked by Ransomware Tracker. You have the possibility to filter the list below using certain pre-defined filters shown below.

General filters: Remove filter (Show all) | Online hosts
Filter by threat: Botnet C&Cs | Payment Sites | Distribution Sites
Filter by malware: TeslaCrypt | CryptoWall | TorrentLocker | PadCrypt | Locky | CTB-Locker | FAKBEN | PayCrypt | DMALocker | Cerber | Sage

Dateadded (UTC)ThreatMalwareHost (?Domain name or IP address used by the Ransomware. The leading dots (Red, Green, Grey) indicate whether the Host is active or not.

Red = Online
Green = Offline
Grey = Unknown
)
Domain Registrar (?In some cases Ransomware Tracker is not able to determine the sponsoring Registrar of a domain name. Thats either because the Registry does not reveal this information in the whois or because the Registry doesn't offer a whois service.)IP address (ASN, Country)
2016-09-18 11:37Distribution SiteLocky
smt112.com
INTERNET DOMAIN SERVICE BS CORP119.29.144.76 (- China)
2016-09-18 11:28Distribution SiteLocky
smt112.com
INTERNET DOMAIN SERVICE BS CORP119.29.144.76 (- China)
2016-09-18 10:26Payment SiteCerber
52uo5k3t73ypjije.3gpdgx.bid
Eranet International Limited (n/a)
2016-09-18 07:44Payment SiteCerber
52uo5k3t73ypjije.ajolkg.bid
Eranet International Limited (n/a)
2016-09-18 07:26Payment SiteCerber
unocl45trpuoefft.zbj2kc.bid
Eranet International Limited (n/a)
2016-09-18 05:33Payment SiteCerber
pmenboeqhyrpvomq.t4hvl4.bid
Eranet International Limited (n/a)
2016-09-18 05:17Payment SiteCerber
unocl45trpuoefft.7cevps.bid
Eranet International Limited (n/a)
2016-09-18 03:26Payment SiteCerber
52uo5k3t73ypjije.4pjetv.bid
Eranet International Limited (n/a)
2016-09-18 02:12Payment SiteCerber
wjtqjleommc4z46i.yfr0o1.bid
Eranet International Limited (n/a)
2016-09-17 20:31Payment SiteCerber
52uo5k3t73ypjije.68xmf9.bid
Eranet International Limited (n/a)
2016-09-17 18:40Payment SiteCerber
unocl45trpuoefft.jdf4je.bid
Eranet International Limited (n/a)
2016-09-17 17:41Payment SiteCerber
52uo5k3t73ypjije.iait3w.bid
Eranet International Limited (n/a)
2016-09-17 15:18Payment SiteCerber
52uo5k3t73ypjije.5o4bjf.bid
Eranet International Limited (n/a)
2016-09-17 13:22Payment SiteCerber
4kqd3hmqgptupi3p.myaddress.link
Alpnames Limited (n/a)
2016-09-17 11:53Payment SiteCerber
52uo5k3t73ypjije.zhvlh1.bid
Eranet International Limited (n/a)
2016-09-17 08:28Payment SiteCerber
wjtqjleommc4z46i.vh6vss.bid
Eranet International Limited (n/a)
2016-09-17 07:36Payment SiteCerber
52uo5k3t73ypjije.5ittco.bid
Eranet International Limited (n/a)
2016-09-17 04:38Payment SiteCerber
4kqd3hmqgptupi3p.yoursdoor.lol
Alpnames Limited (n/a)
2016-09-17 03:45Payment SiteCerber
wjtqjleommc4z46i.y2ijlz.bid
Eranet International Limited (n/a)
2016-09-17 00:19Payment SiteCerber
52uo5k3t73ypjije.pop81.com
ERANET INTERNATIONAL LIMITED (n/a)
2016-09-17 00:16Payment SiteCerber
52uo5k3t73ypjije.mn1kms.bid
Eranet International Limited (n/a)
2016-09-16 23:36Payment SiteCerber
52uo5k3t73ypjije.ai7hur.bid
Eranet International Limited (n/a)
2016-09-16 23:00Payment SiteCerber
4kqd3hmqgptupi3p.anypicked.red
Alpnames Limited (n/a)
2016-09-16 21:05Payment SiteCerber
4kqd3hmqgptupi3p.gapplayed.link
Alpnames Limited (n/a)
2016-09-16 20:14Payment SiteCerber
unocl45trpuoefft.zgheyh.bid
Eranet International Limited (n/a)
2016-09-16 20:06Payment SiteCerber
4kqd3hmqgptupi3p.metpast.site
AlpNames Limited (n/a)
2016-09-16 19:31Payment SiteCerber
wjtqjleommc4z46i.au6d1d.bid
Eranet International Limited (n/a)
2016-09-16 17:48Payment SiteCerber
4kqd3hmqgptupi3p.storingus.gdn
AlpNames Limited (n/a)
2016-09-16 16:27Payment SiteCerber
4kqd3hmqgptupi3p.7w9p1n.bid
Eranet International Limited (n/a)
2016-09-16 14:30Payment SiteCerber
52uo5k3t73ypjije.cpvwgx.bid
Eranet International Limited (n/a)
2016-09-16 13:52Distribution SiteLocky
zesthouse.com
NETOWL, INC.183.90.250.22 (- Japan)
2016-09-16 13:51Distribution SiteLocky
gumorca.com
NEUBOX INTERNET SA DE CV204.11.56.48 (- Virgin Islands)
2016-09-16 13:48Distribution SiteLocky
junhao8.com
HICHINA ZHICHENG TECHNOLOGY LTD.123.184.40.29 (- China)
2016-09-16 13:48Payment SiteCerber
52uo5k3t73ypjije.o9w43w.bid
Eranet International Limited (n/a)
2016-09-16 13:39Distribution SiteLocky
lexagora.it
REGISTER-REG5.135.179.42 (- France)
2016-09-16 12:25Distribution SiteLocky
swivelsrus.com
DOMAINPEOPLE, INC.64.41.88.104 (- United States)
2016-09-16 12:25Distribution SiteLocky
demo.website.pl
Consulting Service Sp. z o.o.193.218.152.105 (- Poland)
2016-09-16 12:24Distribution SiteLocky
all4supply.com
LIGNE WEB SERVICES SARL DBA LWS91.92.111.112 (- Bulgaria)
2016-09-16 12:23Distribution SiteLocky
malamalamak9.net
NAMESECURE.COM74.122.121.8 (- United States)
2016-09-16 12:23Distribution SiteLocky
samenart.com
ONLINENIC, INC.88.198.249.236 (- Germany)
2016-09-16 12:22Distribution SiteLocky
curlysol.com
NAMESILO, LLC23.229.73.4 (- United States)
2016-09-16 12:22Distribution SiteLocky
24hourprintshop.com
ENOM, INC.69.64.147.45 (- United States)
2016-09-16 12:22Distribution SiteLocky
islamiccollege.org
Tucows Inc. (n/a)
2016-09-16 12:20Distribution SiteLocky
sds-india.org
GoDaddy.com, LLC (n/a)
2016-09-16 12:20Distribution SiteLocky
paraspokeri.net
GODADDY.COM, LLC91.186.1.102 (- United Kingdom)
2016-09-16 12:20Distribution SiteLocky
chelsea-west.com
NETOWL, INC.157.112.176.54 (- Japan)
2016-09-16 12:19Distribution SiteLocky
sadeqmedia.com
TUCOWS DOMAINS INC.185.8.173.48 (- Iran)
2016-09-16 12:17Distribution SiteLocky
helpmybathroom.com
GODADDY.COM, LLC192.186.233.9 (- United States)
2016-09-16 12:16Distribution SiteLocky
b-creative.be
Registrar.eu84.244.181.216 (- Netherlands)
2016-09-16 12:15Distribution SiteLocky
salemwitchcat.com
GODADDY.COM, LLC204.11.56.48 (- Virgin Islands)
2016-09-16 12:14Distribution SiteLocky
hollystamps.com
TUCOWS DOMAINS INC. (n/a)
2016-09-16 12:14Distribution SiteLocky
urachart.com
ONLINENIC, INC.203.170.192.184 (- Thailand)
2016-09-16 12:14Distribution SiteLocky
46709394.com
ENOM, INC.117.18.114.35 (- Hong Kong)
2016-09-16 12:14Distribution SiteLocky
yerndrunk.net
WEB COMMERCE COMMUNICATIONS LIMI[...] (n/a)
2016-09-16 12:13Distribution SiteLocky
lv-nexis.com
IP MIRROR PTE LTD. DBA IP MIRROR43.245.62.130 (- Singapore)
2016-09-16 12:13Distribution SiteLocky
miamilimosina.com
GODADDY.COM, LLC50.63.202.38 (- United States)
2016-09-16 12:13Distribution SiteLocky
shopmjn.com
MARKMONITOR INC.72.52.10.14 (- United States)
2016-09-16 12:12Distribution SiteLocky
mclodesigns.com
GODADDY.COM, LLC148.72.1.119 (- United States)
2016-09-16 12:12Distribution SiteLocky
inovsol.com
LIQUIDNET LTD.204.11.56.48 (- Virgin Islands)
2016-09-16 12:11Distribution SiteLocky
all4supply.com
LIGNE WEB SERVICES SARL DBA LWS91.92.111.112 (- Bulgaria)
2016-09-16 12:11Distribution SiteLocky
wordpresshosting.co.il
5.100.250.58 (- Israel)
2016-09-16 12:11Distribution SiteLocky
travelvoice.com
NETWORK SOLUTIONS, LLC.223.130.24.150 (- Australia)
2016-09-16 12:09Distribution SiteLocky
psychquiz.com
GODADDY.COM, LLC (n/a)
2016-09-16 12:08Distribution SiteLocky
honeydavis.us
GODADDY.COM, INC. (n/a)
2016-09-16 12:08Distribution SiteLocky
sinergica.cl
186.64.121.131 (- Chile)
2016-09-16 12:07Distribution SiteLocky
maggycocoa.net
WEB COMMERCE COMMUNICATIONS LIMI[...] (n/a)
2016-09-16 12:07Distribution SiteLocky
rentvspb.ru
RU-CENTER-RU91.214.71.3 (- Russian Federation)
2016-09-16 12:06Distribution SiteLocky
adityastar.com
GODADDY.COM, LLC (n/a)
2016-09-16 12:05Distribution SiteLocky
tobybender.com
TUCOWS DOMAINS INC. (n/a)
2016-09-16 12:04Distribution SiteLocky
qarmoo.com
ENOM, INC.143.95.253.117 (- United States)
2016-09-16 12:04Distribution SiteLocky
jsydjc.com
WEB COMMERCE COMMUNICATIONS LIMI[...]221.122.111.73 (- China)
2016-09-16 12:04Distribution SiteLocky
apro88.com
ENOM, INC.67.231.248.250 (- United States)
2016-09-16 12:03Distribution SiteLocky
mudelts.com
GODADDY.COM, LLC97.74.215.143 (- United States)
2016-09-16 12:03Distribution SiteLocky
graveyardsofmilwaukee.org
Domain.com, LLC69.41.190.145 (- United States)
2016-09-16 12:02Distribution SiteLocky
bsm.sk
80.94.52.76 (- Slovakia)
2016-09-16 11:28Distribution SiteLocky
yerndrunk.net
WEB COMMERCE COMMUNICATIONS LIMI[...] (n/a)
2016-09-16 11:26Distribution SiteLocky
bulkreasy.com
KEY-SYSTEMS GMBH (n/a)
2016-09-16 11:26Distribution SiteLocky
swivelsrus.com
DOMAINPEOPLE, INC.64.41.88.104 (- United States)
2016-09-16 11:25Distribution SiteLocky
helpmybathroom.com
GODADDY.COM, LLC192.186.233.9 (- United States)
2016-09-16 11:25Distribution SiteLocky
mclodesigns.com
GODADDY.COM, LLC148.72.1.119 (- United States)
2016-09-16 11:25Distribution SiteLocky
jsydjc.com
WEB COMMERCE COMMUNICATIONS LIMI[...]221.122.111.73 (- China)
2016-09-16 11:24Distribution SiteLocky
sinergica.cl
186.64.121.131 (- Chile)
2016-09-16 11:24Distribution SiteLocky
shopmjn.com
MARKMONITOR INC.72.52.10.14 (- United States)
2016-09-16 11:23Distribution SiteLocky
travelvoice.com
NETWORK SOLUTIONS, LLC.223.130.24.150 (- Australia)
2016-09-16 11:23Distribution SiteLocky
alexandrkireev.ru
REGRU-RU85.10.206.116 (- Germany)
2016-09-16 11:23Distribution SiteLocky
bulkreasy.com
KEY-SYSTEMS GMBH (n/a)
2016-09-16 11:22Distribution SiteLocky
xsolution.sk
31.220.20.57 (- United Kingdom)
2016-09-16 11:22Distribution SiteLocky
yerndrunk.net
WEB COMMERCE COMMUNICATIONS LIMI[...] (n/a)
2016-09-16 11:21Distribution SiteLocky
maggycocoa.net
WEB COMMERCE COMMUNICATIONS LIMI[...] (n/a)
2016-09-16 11:21Distribution SiteLocky
hollystamps.com
TUCOWS DOMAINS INC. (n/a)
2016-09-16 11:20Distribution SiteLocky
psychquiz.com
GODADDY.COM, LLC (n/a)
2016-09-16 11:20Distribution SiteLocky
maggycocoa.net
WEB COMMERCE COMMUNICATIONS LIMI[...] (n/a)
2016-09-16 11:20Distribution SiteLocky
yerndrunk.net
WEB COMMERCE COMMUNICATIONS LIMI[...] (n/a)
2016-09-16 11:19Distribution SiteLocky
aeroptim.com
ENOM, INC.109.234.161.45 (- France)
2016-09-16 11:19Distribution SiteLocky
sanalnet.org
OnlineNIC Inc.188.124.5.33 (- Turkey)
2016-09-16 11:18Distribution SiteLocky
lv-nexis.com
IP MIRROR PTE LTD. DBA IP MIRROR43.245.62.130 (- Singapore)
2016-09-16 11:18Distribution SiteLocky
tobybender.com
TUCOWS DOMAINS INC. (n/a)
2016-09-16 11:18Distribution SiteLocky
bulkreasy.com
KEY-SYSTEMS GMBH (n/a)
2016-09-16 11:17Distribution SiteLocky
paraspokeri.net
GODADDY.COM, LLC91.186.1.102 (- United Kingdom)
2016-09-16 11:17Distribution SiteLocky
inovsol.com
LIQUIDNET LTD.204.11.56.48 (- Virgin Islands)

# of rows displayed: 100
# of entries in database: 12'974

Page 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 >