Tracker

Ransomware Tracker to distinguishes between the following threats:

Each entry in Ransomware Tracker is tagged to a threat and a malware. Currently, the following Ransomware families are tracked:

New submissions for Ransomware Tracker are warmly welcome. You can send new additions to rt-RintANel@abuse.ch (remove all letters in uppercase). Malware binaries that you suspect to be associated with a certain Ransomware family can be send to rt-malwSOareM@abuse.ch (remove all letters in uppercase) for analysis.

Search

You can search for a host or URL using the following search form:

Set a filter for the list below

Below is a list of Ransomware botnet C&C servers tracked by Ransomware Tracker. You have the possibility to filter the list below using certain pre-defined filters shown below.

General filters: Remove filter (Show all) | Online hosts
Filter by threat: Botnet C&Cs | Payment Sites | Distribution Sites
Filter by malware: TeslaCrypt | CryptoWall | TorrentLocker | PadCrypt | Locky | CTB-Locker | FAKBEN | PayCrypt | DMALocker | Cerber

Dateadded (UTC)ThreatMalwareHost (?Domain name or IP address used by the Ransomware. The leading dots (Red, Green, Grey) indicate whether the Host is active or not.

Red = Online
Green = Offline
Grey = Unknown
)
Domain Registrar (?In some cases Ransomware Tracker is not able to determine the sponsoring Registrar of a domain name. Thats either because the Registry does not reveal this information in the whois or because the Registry doesn't offer a whois service.)IP address (ASN, Country)
2016-03-08 02:39Botnet C&CLocky
glhxgchhfemcjgr.pw
101Domain, Inc.195.22.28.197 (- Portugal)
2016-03-07 21:15Botnet C&CTeslaCrypt
csucanuevo.csuca.org
Gandi SAS186.151.199.5 (- Guatemala)
2016-03-07 15:38Botnet C&CLocky
185.92.220.35
185.92.220.35 (- Netherlands)
2016-03-07 15:24Payment SiteTorrentLocker
vrvis6ndra5jeggj.livewargaming.ch
1API GmbH (n/a)
2016-03-07 15:14Payment SiteTorrentLocker
vrvis6ndra5jeggj.livegaming.ch
1API GmbH (n/a)
2016-03-07 14:47Botnet C&CTorrentLocker
fhgetyh.com
REGISTRAR OF DOMAIN NAMES REG.RU[...] (n/a)
2016-03-07 14:47Botnet C&CTeslaCrypt
newculturemediablog.com
GODADDY.COM, LLC50.63.50.75 (- United States)
2016-03-07 13:56Distribution SiteLocky
www.souqaqonline.com
FASTDOMAIN, INC.50.87.248.65 (- United States)
2016-03-07 13:56Distribution SiteLocky
www.promumedical.com
DREAMHOST, LLC69.163.217.25 (- United States)
2016-03-07 13:56Distribution SiteLocky
texfibre.eu
OnlineNIC Inc50.87.33.215 (- United States)
2016-03-07 13:56Distribution SiteLocky
surprise.co.in
GoDaddy.com, LLC (R101-AFIN)138.201.126.124 (- Germany)
2016-03-07 13:56Distribution SiteLocky
sub4.gustoitalia.ru
RU-CENTER-RU (n/a)
2016-03-07 13:56Distribution SiteLocky
shapes.com.pk
50.87.248.127 (- United States)
2016-03-07 13:56Distribution SiteLocky
scs-smesi.ru
REGRU-RU (n/a)
2016-03-07 13:56Distribution SiteLocky
ptunited.net
GODADDY.COM, LLC203.124.116.1 (- Singapore)
2016-03-07 13:56Distribution SiteLocky
lightsroom.ru
REGRU-RU (n/a)
2016-03-07 13:56Distribution SiteLocky
kievelectric.kiev.ua
ua.gransy77.87.192.214 (- Ukraine)
2016-03-07 13:56Distribution SiteLocky
kiddyshop.kiev.ua
ua.gransy (n/a)
2016-03-07 13:55Distribution SiteLocky
jldoptics.com
GUANGDONG JINWANBANG TECHNOLOGY [...]47.52.21.175 (- Canada)
2016-03-07 13:55Distribution SiteLocky
fibrefamily.ru
REGRU-RU37.140.192.177 (- Russian Federation)
2016-03-07 13:55Distribution SiteLocky
dsignshop.com.au
GoDaddy.com, LLC203.124.103.1 (- Singapore)
2016-03-07 13:55Distribution SiteLocky
azshop24.com.vn
103.42.56.170 (- Vietnam)
2016-03-07 13:55Distribution SiteLocky
alexkote.ru
REGRU-RU31.31.196.55 (- Russian Federation)
2016-03-07 13:55Distribution SiteLocky
aqarhits.com
WILD WEST DOMAINS, LLC (n/a)
2016-03-07 13:39Botnet C&CTeslaCrypt
saludaonline.com
GODADDY.COM, LLC184.168.53.1 (- United States)
2016-03-07 12:45Payment SiteTeslaCrypt
w6bfg4hahn5bfnlsafgchkvg5fwsfvrt.hareuna.at
(n/a)
2016-03-07 12:45Payment SiteTeslaCrypt
po4dbsjbneljhrlbvaueqrgveatv.bonmawp.at
(n/a)
2016-03-07 12:28Payment SiteTeslaCrypt
u54bbnhf354fbkh254tbkhjbgy8258gnkwerg.tahaplap.com
BIZCN.COM, INC.184.105.192.2 (- United States)
2016-03-07 12:27Distribution SiteTeslaCrypt
howareyouqq.com
KEY-SYSTEMS GMBH (n/a)
2016-03-07 12:26Distribution SiteTeslaCrypt
hellomisterbiznesqq.com
KEY-SYSTEMS GMBH (n/a)
2016-03-07 11:38Botnet C&CLocky
109.237.111.168
109.237.111.168 (- Russian Federation)
2016-03-07 11:38Botnet C&CLocky
46.108.39.18
46.108.39.18 (- Romania)
2016-03-07 09:27Botnet C&CLocky
212.47.223.19
212.47.223.19 (- Estonia)
2016-03-07 09:22Distribution SiteTeslaCrypt
hellomydearqq.com
KEY-SYSTEMS GMBH (n/a)
2016-03-07 09:21Botnet C&CTeslaCrypt
tmfilms.net
GODADDY.COM, LLC50.62.122.1 (- United States)
2016-03-07 06:33Distribution SiteTeslaCrypt
mafianeedsyouqq.com
KEY-SYSTEMS GMBH (n/a)
2016-03-07 06:30Distribution SiteTeslaCrypt
itsyourtimeqq.su
R01-REG-FID (n/a)
2016-03-07 06:27Distribution SiteTeslaCrypt
gutentagmeinliebeqq.com
WEB COMMERCE COMMUNICATIONS LIMI[...] (n/a)
2016-03-07 06:25Distribution SiteTeslaCrypt
goonwithmazerqq.com
KEY-SYSTEMS GMBH (n/a)
2016-03-07 06:22Distribution SiteTeslaCrypt
helloyoungmanqq.com
KEY-SYSTEMS GMBH (n/a)
2016-03-07 06:20Distribution SiteTeslaCrypt
lenovowantsyouqq.com
KEY-SYSTEMS GMBH (n/a)
2016-03-07 06:19Distribution SiteTeslaCrypt
thisisyourchangeqq.com
PAKNIC (PRIVATE) LIMITED (n/a)
2016-03-07 06:17Distribution SiteTeslaCrypt
invoiceholderqq.com
PAKNIC (PRIVATE) LIMITED (n/a)
2016-03-07 06:14Distribution SiteTeslaCrypt
mafiawantsyouqq.com
KEY-SYSTEMS GMBH (n/a)
2016-03-07 06:10Distribution SiteTeslaCrypt
itisverygoodqq.com
KEY-SYSTEMS GMBH (n/a)
2016-03-07 06:06Distribution SiteTeslaCrypt
hpalsowantsff.com
WEB COMMERCE COMMUNICATIONS LIMI[...]n/a
2016-03-06 21:49Botnet C&CCryptoWall
openroadsolutions.com
GODADDY.COM, LLC208.109.243.37 (- United States)
2016-03-06 21:49Botnet C&CCryptoWall
www.decorandoimoveis.com
ENOM, INC.198.154.250.33 (- United States)
2016-03-06 16:28Distribution SiteTeslaCrypt
arendroukysdqq.com
KEY-SYSTEMS GMBH (n/a)
2016-03-06 16:27Distribution SiteTeslaCrypt
blizzbauta.com
WEB COMMERCE COMMUNICATIONS LIMI[...] (n/a)
2016-03-06 16:25Distribution SiteTeslaCrypt
fromjamaicaqq.com
KEY-SYSTEMS GMBH (n/a)
2016-03-06 16:22Distribution SiteTeslaCrypt
yesitisqqq.com
KEY-SYSTEMS GMBH (n/a)
2016-03-06 16:01Botnet C&CTorrentLocker
xxryposdrt.org
Registrar of Domain Names REG.RU[...] (n/a)
2016-03-06 11:58Botnet C&CLocky
185.82.216.213
185.82.216.213 (- Bulgaria)
2016-03-06 10:37Payment SiteTeslaCrypt
oehknf74ohqlfnpq9rhfgcq93g.hateflux.com
BIZCN.COM, INC.184.105.192.2 (- United States)
2016-03-06 10:37Payment SiteTeslaCrypt
gfkuwflbhsjdabnu4nfukerfqwlfwr4rw.ringbalor.com
BIZCN.COM, INC.184.105.192.2 (- United States)
2016-03-06 09:18Distribution SiteTeslaCrypt
ohellowruff.com
WEB COMMERCE COMMUNICATIONS LIMI[...] (n/a)
2016-03-06 08:52Distribution SiteTeslaCrypt
blablaworldqq.com
KEY-SYSTEMS GMBH (n/a)
2016-03-06 08:51Distribution SiteTeslaCrypt
lenovomaybenotqq.com
BIZCN.COM, INC.216.218.135.114 (- United States)
2016-03-06 07:10Botnet C&CTeslaCrypt
conspec.us
GODADDY.COM, INC.50.62.245.1 (- United States)
2016-03-05 17:18Botnet C&CTorrentLocker
velajsweg.com
REGISTRAR OF DOMAIN NAMES REG.RU[...] (n/a)
2016-03-05 17:16Botnet C&CTorrentLocker
oprtiwyx.com
REGISTRAR OF DOMAIN NAMES REG.RU[...] (n/a)
2016-03-05 16:26Botnet C&CCryptoWall
tusrecetas.net
GODADDY.COM, LLC69.162.104.22 (- United States)
2016-03-05 11:59Botnet C&CCryptoWall
trion.com.ph
104.238.111.90 (- United States)
2016-03-05 07:28Botnet C&CLocky
fitga.ru
101DOMAIN-RU195.22.28.197 (- Portugal)
2016-03-05 06:35Botnet C&CTorrentLocker
nerfetyv.org
Registrar of Domain Names REG.RU[...] (n/a)
2016-03-05 06:33Payment SiteTorrentLocker
rzss2zfue73dfvmj.truewargame.ch
1API GmbH (n/a)
2016-03-05 03:29Botnet C&CLocky
cudcfybkk.pw
101Domain, Inc.195.22.28.196 (- Portugal)
2016-03-04 23:06Botnet C&CLocky
wdvxeval.ru
101DOMAIN-RU195.22.28.197 (- Portugal)
2016-03-04 20:58Botnet C&CLocky
gvludcvhcrjwmgq.in
101domain, Inc. (R115-AFIN)195.22.28.196 (- Portugal)
2016-03-04 17:02Distribution SiteTeslaCrypt
soclosebutyetqq.com
KEY-SYSTEMS GMBH (n/a)
2016-03-04 17:02Distribution SiteTeslaCrypt
ohelloweuqq.com
WEB COMMERCE COMMUNICATIONS LIMI[...] (n/a)
2016-03-04 16:15Botnet C&CTeslaCrypt
goktugyeli.com
REG2C.COM, INC.185.22.184.156 (- Turkey)
2016-03-04 15:12Botnet C&CTeslaCrypt
iqinternal.com
GODADDY.COM, LLC107.180.44.212 (- United States)
2016-03-04 14:29Botnet C&CCryptoWall
hamilton150.co.nz
167.88.167.10 (- United States)
2016-03-04 13:39Botnet C&CTeslaCrypt
fisioactivo.com
GODADDY.COM, LLC160.153.79.168 (- United States)
2016-03-04 13:16Payment SiteLocky
i3ezlvkoi7fwyood.tor2web.org
Tucows Inc.185.100.85.150 (- Romania) +1 A record(s) 192.36.27.5 (AS60729, - Sweden)
2016-03-04 13:16Payment SiteLocky
i3ezlvkoi7fwyood.onion.to
185.100.85.150 (- Romania) +1 A record(s) 192.36.27.5 (AS60729, - Sweden)
2016-03-04 07:22Botnet C&CTeslaCrypt
serbiotecnicos.com
ENOM, INC.198.252.78.160 (- United States)
2016-03-03 18:26Botnet C&CTeslaCrypt
onegiantstore.com
GODADDY.COM, LLC50.62.66.1 (- United States)
2016-03-03 18:04Distribution SiteTeslaCrypt
isthereanybodyqq.com
KEY-SYSTEMS GMBH (n/a)
2016-03-03 18:04Distribution SiteTeslaCrypt
ujajajgogoff.com
WEB COMMERCE COMMUNICATIONS LIMI[...] (n/a)
2016-03-03 11:35Botnet C&CCryptoWall
takaram.ir
82.102.8.142 (- Portugal)
2016-03-03 06:05Botnet C&CTeslaCrypt
dustinhansenbook.com
GODADDY.COM, LLC173.201.145.1 (- United States)
2016-03-02 16:13Botnet C&CLocky
95.213.184.10
95.213.184.10 (- Russian Federation)
2016-03-02 15:08Botnet C&CLocky
192.71.213.69
192.71.213.69 (- Spain)
2016-03-02 14:08Botnet C&CCryptoWall
americancorner.udp.cl
200.14.85.32 (- Chile)
2016-03-02 13:51Payment SiteTorrentLocker
vrvis6ndra5jeggj.onlinebattlefield.ch
1API GmbH (n/a)
2016-03-02 13:50Payment SiteTeslaCrypt
pts764gt354fder34fsqw45gdfsavadfgsfg.kraskula.com
BIZCN.COM, INC.184.105.192.2 (- United States)
2016-03-02 13:47Botnet C&CTorrentLocker
ropytowero.com
REGISTRAR OF DOMAIN NAMES REG.RU[...] (n/a)
2016-03-02 13:47Botnet C&CTorrentLocker
wotreposdo.net
REGISTRAR OF DOMAIN NAMES REG.RU[...] (n/a)
2016-03-02 13:47Botnet C&CTorrentLocker
birufolen.com
REGISTRAR OF DOMAIN NAMES REG.RU[...] (n/a)
2016-03-02 13:47Botnet C&CTorrentLocker
sawsvore.net
REGISTRAR OF DOMAIN NAMES REG.RU[...] (n/a)
2016-03-02 13:46Botnet C&CTorrentLocker
pakezspohos.org
Registrar of Domain Names REG.RU[...] (n/a)
2016-03-02 13:00Payment SiteTeslaCrypt
sondr5344ygfweyjbfkw4fhsefv.heliofetch.at
(n/a)
2016-03-02 12:28Distribution SiteLocky
www.countrysaloonriki.sk
(n/a)
2016-03-02 12:27Distribution SiteLocky
leksvik.historielag.org
eNom, Inc.81.21.75.87 (- United Kingdom)
2016-03-02 12:27Distribution SiteLocky
sumiden-e.co.jp
210.129.90.38 (- Japan)
2016-03-02 12:27Distribution SiteLocky
e-monalisa.ro
ICI - ROTLD37.251.140.222 (- Romania) +1 A record(s) 89.38.251.222 (AS34358, - Romania)
2016-03-02 12:26Distribution SiteLocky
ecofriend.co.jp
64.56.177.79 (- Japan)

# of rows displayed: 100
# of entries in database: 9'210

Page 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 >