Tracker

Ransomware Tracker to distinguishes between the following threats:

Each entry in Ransomware Tracker is tagged to a threat and a malware. Currently, the following Ransomware families are tracked:

New submissions for Ransomware Tracker are warmly welcome. You can send new additions to rt-RintANel@abuse.ch (remove all letters in uppercase). Malware binaries that you suspect to be associated with a certain Ransomware family can be send to rt-malwSOareM@abuse.ch (remove all letters in uppercase) for analysis.

Search

You can search for a host or URL using the following search form:

Set a filter for the list below

Below is a list of Ransomware botnet C&C servers tracked by Ransomware Tracker. You have the possibility to filter the list below using certain pre-defined filters shown below.

General filters: Remove filter (Show all) | Online hosts
Filter by threat: Botnet C&Cs | Payment Sites | Distribution Sites
Filter by malware: TeslaCrypt | CryptoWall | TorrentLocker | PadCrypt | Locky | CTB-Locker | FAKBEN | PayCrypt | DMALocker | Cerber

Dateadded (UTC)ThreatMalwareHost (?Domain name or IP address used by the Ransomware. The leading dots (Red, Green, Grey) indicate whether the Host is active or not.

Red = Online
Green = Offline
Grey = Unknown
)
Domain Registrar (?In some cases Ransomware Tracker is not able to determine the sponsoring Registrar of a domain name. Thats either because the Registry does not reveal this information in the whois or because the Registry doesn't offer a whois service.)IP address (ASN, Country)
2016-03-15 14:28Distribution SiteLocky
c001456.aaa.ididp.com
XIN NET TECHNOLOGY CORPORATION47.91.139.156 (- Canada)
2016-03-15 14:28Distribution SiteLocky
alumaxgroup.in
Webiq Domains Solutions Pvt. Ltd[...]98.131.204.1 (- United States)
2016-03-15 14:26Distribution SiteLocky
aimsande.com
PDR LTD. D/B/A PUBLICDOMAINREGIS[...]98.131.204.1 (- United States)
2016-03-15 13:29Payment SiteTorrentLocker
3qbyaoohkcqkzrz6.torplanet.eu
eNom, Inc (n/a)
2016-03-15 12:43Botnet C&CLocky
51.255.107.10
51.255.107.10 (- France)
2016-03-15 11:43Botnet C&CTeslaCrypt
esbook.com
ENOM, INC.174.136.12.119 (- United States)
2016-03-15 08:11Botnet C&CTeslaCrypt
nlhomegarden.com
GODADDY.COM, LLC107.180.50.210 (- United States)
2016-03-15 07:51Botnet C&CTeslaCrypt
emmy2015.com
GODADDY.COM, LLC107.180.50.183 (- United States)
2016-03-15 07:38Distribution SiteTeslaCrypt
imgointoeatnowcc.com
WEB COMMERCE COMMUNICATIONS LIMI[...] (n/a)
2016-03-15 07:38Distribution SiteTeslaCrypt
giveitalltheresqq.com
KEY-SYSTEMS GMBH (n/a)
2016-03-14 15:40Botnet C&CTeslaCrypt
kel52.com
1&1 INTERNET SE108.167.141.20 (- United States)
2016-03-14 15:21Distribution SiteTeslaCrypt
washitallawayff.com
WEB COMMERCE COMMUNICATIONS LIMI[...] (n/a)
2016-03-14 15:21Distribution SiteTeslaCrypt
giveitallhereqq.com
KEY-SYSTEMS GMBH (n/a)
2016-03-14 09:16Distribution SiteTeslaCrypt
ohelloguyff.com
WEB COMMERCE COMMUNICATIONS LIMI[...] (n/a)
2016-03-14 07:49Payment SiteTeslaCrypt
974gfbjhb23hbfkyfaby3byqlyuebvly5q254y.mendilobo.com
KEY-SYSTEMS GMBH216.218.135.114 (- United States)
2016-03-14 07:42Payment SiteTeslaCrypt
a64gfdsjhb4htbiwaysbdvukyft5q.zobodine.at
(n/a)
2016-03-14 07:35Distribution SiteTeslaCrypt
ohelloguyqq.com
KEY-SYSTEMS GMBH (n/a)
2016-03-14 07:35Distribution SiteTeslaCrypt
ohelloguymyff.com
WEB COMMERCE COMMUNICATIONS LIMI[...] (n/a)
2016-03-14 07:35Distribution SiteTeslaCrypt
ohelloguyzzqq.com
KEY-SYSTEMS GMBH (n/a)
2016-03-14 07:35Distribution SiteTeslaCrypt
howisittomorrowff.com
WEB COMMERCE COMMUNICATIONS LIMI[...] (n/a)
2016-03-14 07:34Distribution SiteTeslaCrypt
bonjovijonqq.com
KEY-SYSTEMS GMBH (n/a)
2016-03-14 06:34Botnet C&CTeslaCrypt
198.1.95.93
(n/a)
2016-03-12 23:23Botnet C&CPayCrypt
neyenirneicilir.com
NICS TELEKOMUNIKASYON TICARET LT[...]94.73.150.190 (- Turkey)
2016-03-12 10:21Botnet C&CTeslaCrypt
controlfreaknetworks.com
GODADDY.COM, LLC97.74.249.1 (- United States)
2016-03-12 09:43Botnet C&CCryptoWall
oregonreversemortgage.com
NAMEPAL.COM, LLC198.143.138.43 (- United States)
2016-03-12 09:43Botnet C&CCryptoWall
jambola.com
123-REG LIMITED208.109.189.88 (- United States)
2016-03-12 09:23Botnet C&CTeslaCrypt
shirongfeng.cn
浙江贰贰网络有限公司103.254.148.121 (- Hong Kong)
2016-03-11 21:48Botnet C&CLocky
91.234.32.192
91.234.32.192 (- Ukraine)
2016-03-11 19:35Botnet C&CLocky
91.219.30.254
91.219.30.254 (- Ukraine)
2016-03-11 13:41Botnet C&CLocky
31.184.196.75
31.184.196.75 (- Russian Federation)
2016-03-11 13:41Botnet C&CTeslaCrypt
sappmtraining.com
GODADDY.COM, LLC166.62.4.223 (- United States)
2016-03-11 13:04Payment SiteTeslaCrypt
bfd45u8ehdklrfqwlhbhjbgqw.niptana.at
(n/a)
2016-03-11 10:52Distribution SiteLocky
www.momstav.com
CSL COMPUTER SERVICE LANGENBACH [...]178.217.244.11 (- Czech Republic)
2016-03-11 10:52Distribution SiteLocky
galit-law.co.il
62.219.197.70 (- Israel)
2016-03-11 10:51Distribution SiteLocky
peterdickem.com
WILD WEST DOMAINS, LLC (n/a)
2016-03-11 10:51Distribution SiteLocky
nobilitas.cz
REG-STABLE88.86.120.181 (- Czech Republic)
2016-03-11 10:51Distribution SiteLocky
50.28.211.199
(n/a)
2016-03-11 10:51Distribution SiteLocky
nro.gov.sd
(n/a)
2016-03-11 10:20Distribution SiteLocky
ghayatv.com
DOMAIN.COM, LLC (n/a)
2016-03-11 10:13Distribution SiteTeslaCrypt
mommycantakeff.com
WEB COMMERCE COMMUNICATIONS LIMI[...] (n/a)
2016-03-11 10:12Distribution SiteTeslaCrypt
hellomississmithqq.com
KEY-SYSTEMS GMBH (n/a)
2016-03-11 08:58Payment SiteTeslaCrypt
kh5jfnvkk5twerfnku5twuilrnglnuw45yhlw.vealsithe.com
KEY-SYSTEMS GMBH216.218.135.114 (- United States)
2016-03-11 06:52Botnet C&CTeslaCrypt
vtechshop.net
GODADDY.COM, LLC203.124.115.1 (- Singapore)
2016-03-11 06:47Distribution SiteLocky
kaleofis.com
NICS TELEKOMUNIKASYON TICARET LT[...]69.64.35.2 (- United States)
2016-03-10 17:56Botnet C&CLocky
31.184.196.78
31.184.196.78 (- Russian Federation)
2016-03-10 15:54Botnet C&CTeslaCrypt
multibrandphone.com
1&1 INTERNET SE162.208.8.165 (- United States)
2016-03-10 13:36Payment SiteTeslaCrypt
irhng84nfaslbv243ljtblwqjrb.pinnafaon.at
(n/a)
2016-03-10 13:35Payment SiteTeslaCrypt
rbg4hfbilrf7to452p89hrfq.boonmower.com
KEY-SYSTEMS GMBH216.218.135.114 (- United States)
2016-03-10 12:32Botnet C&CTeslaCrypt
tele-channel.com
REALTIME REGISTER BV178.162.214.146 (- Germany)
2016-03-10 11:40Botnet C&CLocky
91.234.33.149
91.234.33.149 (- Ukraine)
2016-03-10 11:18Botnet C&CTorrentLocker
vitrok.org
Registrar of Domain Names REG.RU[...] (n/a)
2016-03-10 10:52Distribution SiteLocky
xn--b1afonddk2l.xn--p1ai
(n/a)
2016-03-10 10:51Distribution SiteLocky
ncrweb.in
Webiq Domains Solutions Pvt. Ltd[...]146.88.26.212 (- India)
2016-03-10 10:51Distribution SiteLocky
iwear.md
(n/a)
2016-03-10 10:50Distribution SiteLocky
fortyseven.com.ar
184.154.100.2 (- United States)
2016-03-10 10:50Distribution SiteLocky
fashion-boutique.com.ua
ua.nic185.65.245.177 (- Ukraine)
2016-03-10 06:39Botnet C&CCryptoWall
gibdd.ws
Regtime.net Ltd.178.208.83.11 (- Russian Federation)
2016-03-10 06:39Botnet C&CCryptoWall
anoukdelecluse.nl
Hosting2GO B.V.83.137.194.20 (- Netherlands)
2016-03-10 05:51Botnet C&CTeslaCrypt
specializedaccess.co.uk
Namesco Limited85.233.160.146 (- United Kingdom)
2016-03-09 20:39Botnet C&CLocky
151.236.14.51
151.236.14.51 (- Netherlands)
2016-03-09 19:25Botnet C&CLocky
egovrxvuspxck.be
101Domain, Inc.195.22.26.248 (- Portugal)
2016-03-09 19:25Botnet C&CLocky
bqbbsfdw.be
101Domain, Inc.195.22.28.199 (- Portugal)
2016-03-09 19:25Botnet C&CLocky
78.40.108.39
78.40.108.39 (- Kazakhstan)
2016-03-09 17:40Botnet C&CCryptoWall
marciogerhardtsouza.com.br
186.202.153.14 (- Brazil)
2016-03-09 16:23Botnet C&CTeslaCrypt
cam-itour.info
GoDaddy.com, LLC188.40.132.132 (- Germany)
2016-03-09 16:23Botnet C&CTeslaCrypt
ahlanmedicalcentre.com
GODADDY.COM, LLC184.168.47.225 (- United States)
2016-03-09 15:02Botnet C&CLocky
91.195.12.131
91.195.12.131 (- Ukraine)
2016-03-09 12:49Distribution SiteLocky
www.ekowen.sk
147.213.4.6 (- Slovakia)
2016-03-09 12:48Distribution SiteLocky
shofukai.web.fc2.com
INSTRA CORPORATION PTY, LTD.208.71.106.61 (- United States)
2016-03-09 12:48Distribution SiteLocky
saachi.co
GODADDY.COM, INC.184.168.221.54 (- United States)
2016-03-09 12:48Distribution SiteLocky
planetarchery.com.au
TPP Wholesale Pty Ltd103.240.88.28 (- Australia)
2016-03-09 12:47Distribution SiteLocky
myonlinedeals.pk
146.185.16.123 (- United Kingdom)
2016-03-09 12:47Distribution SiteLocky
hipnotixx.com
123-REG LIMITED (n/a)
2016-03-09 12:47Distribution SiteLocky
ari-ev.com
TUCOWS DOMAINS INC. (n/a)
2016-03-09 12:47Distribution SiteLocky
nguoitieudungthongthai.com
ONLINENIC, INC.112.213.89.162 (- Vietnam)
2016-03-09 12:46Distribution SiteLocky
ihsanind.com
PDR LTD. D/B/A PUBLICDOMAINREGIS[...]209.99.40.222 (- United States)
2016-03-09 12:06Botnet C&CTorrentLocker
sfasdik.com
REGISTRAR OF DOMAIN NAMES REG.RU[...] (n/a)
2016-03-09 11:56Botnet C&CLocky
37.235.53.18
37.235.53.18 (- Spain)
2016-03-09 10:01Botnet C&CTorrentLocker
vizkore.biz
PDR LTD. D/B/A PUBLICDOMAINREGIS[...] (n/a)
2016-03-09 10:01Botnet C&CTorrentLocker
cerbyk.org
Registrar of Domain Names REG.RU[...] (n/a)
2016-03-09 10:00Botnet C&CTorrentLocker
hgdre.org
Registrar of Domain Names REG.RU[...] (n/a)
2016-03-09 07:51Botnet C&CTeslaCrypt
www.informaticauno.net
NETEARTH ONE INC. D/B/A NETEARTH50.87.28.241 (- United States)
2016-03-08 15:38Botnet C&CLocky
89.108.85.163
89.108.85.163 (- Russian Federation)
2016-03-08 15:34Botnet C&CLocky
149.154.157.14
149.154.157.14 (- Italy)
2016-03-08 13:55Distribution SiteLocky
51457642.de.strato-hosting.eu
STRATO AG81.169.145.153 (- Germany)
2016-03-08 13:55Distribution SiteLocky
het-havenhuis.nl
Hosting2GO B.V. (n/a)
2016-03-08 13:55Distribution SiteLocky
kokoko.himegimi.jp
112.140.42.29 (- Japan)
2016-03-08 13:55Distribution SiteLocky
lahmar.choukri.perso.neuf.fr
Société Française du Radioté[...]86.65.123.70 (- France)
2016-03-08 13:55Distribution SiteLocky
ministerepuissancejesus.com
DYNADOT, LLC (n/a)
2016-03-08 13:55Distribution SiteLocky
ozono.org.es
212.227.247.216 (- Germany)
2016-03-08 13:55Distribution SiteLocky
www.vtipnetriko.cz
REG-MEDIA4WEB95.80.214.221 (- Czech Republic)
2016-03-08 11:58Payment SiteTorrentLocker
rzss2zfue73dfvmj.onlinerpgame.ch
(n/a)
2016-03-08 08:04Payment SiteTeslaCrypt
t54ndnku456ngkwsudqer.wallymac.com
KEY-SYSTEMS GMBH216.218.135.114 (- United States)
2016-03-08 08:03Payment SiteTeslaCrypt
hrfgd74nfksjdcnnklnwefvdsf.materdunst.com
KEY-SYSTEMS GMBH216.218.135.114 (- United States)
2016-03-08 08:02Distribution SiteTeslaCrypt
greetingsjamajcaff.com
WEB COMMERCE COMMUNICATIONS LIMI[...] (n/a)
2016-03-08 07:52Botnet C&CTorrentLocker
ghdeg.com
REGISTRAR OF DOMAIN NAMES REG.RU[...] (n/a)
2016-03-08 07:39Botnet C&CTorrentLocker
gfjhfg.com
REGISTRAR OF DOMAIN NAMES REG.RU[...] (n/a)
2016-03-08 07:37Botnet C&CTorrentLocker
geriky.org
Registrar of Domain Names REG.RU[...] (n/a)
2016-03-08 07:23Botnet C&CTeslaCrypt
drcordoba.com
GODADDY.COM, LLC50.62.125.1 (- United States)
2016-03-08 07:19Botnet C&CLocky
192.121.16.196
192.121.16.196 (- Netherlands)

# of rows displayed: 100
# of entries in database: 9'211

Page 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 >