Tracker

Ransomware Tracker to distinguishes between the following threats:

Each entry in Ransomware Tracker is tagged to a threat and a malware. Currently, the following Ransomware families are tracked:

New submissions for Ransomware Tracker are warmly welcome. You can send new additions to rt-RintANel@abuse.ch (remove all letters in uppercase). Malware binaries that you suspect to be associated with a certain Ransomware family can be send to rt-malwSOareM@abuse.ch (remove all letters in uppercase) for analysis.

Search

You can search for a host or URL using the following search form:

Set a filter for the list below

Below is a list of Ransomware botnet C&C servers tracked by Ransomware Tracker. You have the possibility to filter the list below using certain pre-defined filters shown below.

General filters: Remove filter (Show all) | Online hosts
Filter by threat: Botnet C&Cs | Payment Sites | Distribution Sites
Filter by malware: TeslaCrypt | CryptoWall | TorrentLocker | PadCrypt | Locky | CTB-Locker | FAKBEN | PayCrypt | DMALocker | Cerber | Sage

Dateadded (UTC)ThreatMalwareHost (?Domain name or IP address used by the Ransomware. The leading dots (Red, Green, Grey) indicate whether the Host is active or not.

Red = Online
Green = Offline
Grey = Unknown
)
Domain Registrar (?In some cases Ransomware Tracker is not able to determine the sponsoring Registrar of a domain name. Thats either because the Registry does not reveal this information in the whois or because the Registry doesn't offer a whois service.)IP address (ASN, Country)
2016-09-03 11:45Payment SiteCerber
52uo5k3t73ypjije.zzis8p.bid
Eranet International Limited (n/a)
2016-09-03 10:35Payment SiteCerber
unocl45trpuoefft.18xhww.bid
Eranet International Limited (n/a)
2016-09-03 08:43Payment SiteCerber
unocl45trpuoefft.ih301a.bid
Eranet International Limited (n/a)
2016-09-03 06:56Payment SiteCerber
52uo5k3t73ypjije.u36ik0.bid
Eranet International Limited (n/a)
2016-09-03 06:52Payment SiteCerber
unocl45trpuoefft.v4kx51.bid
Eranet International Limited (n/a)
2016-09-03 06:50Payment SiteCerber
52uo5k3t73ypjije.k21zey.bid
Eranet International Limited (n/a)
2016-09-03 06:49Payment SiteCerber
52uo5k3t73ypjije.6w3rkc.bid
Eranet International Limited (n/a)
2016-09-03 06:41Payment SiteCerber
unocl45trpuoefft.a4v4c3.bid
Eranet International Limited (n/a)
2016-09-03 05:51Payment SiteCerber
4kqd3hmqgptupi3p.hessale.pw
AlpNames Limited (n/a)
2016-09-03 04:21Payment SiteCerber
wjtqjleommc4z46i.nh47ri.bid
Eranet International Limited (n/a)
2016-09-03 03:48Payment SiteCerber
wjtqjleommc4z46i.ldsl8m.bid
Eranet International Limited (n/a)
2016-09-03 03:29Payment SiteCerber
pmenboeqhyrpvomq.nh47ri.bid
Eranet International Limited (n/a)
2016-09-03 02:04Payment SiteCerber
52uo5k3t73ypjije.czzg7f.bid
Eranet International Limited (n/a)
2016-09-03 01:41Payment SiteCerber
wjtqjleommc4z46i.35u068.bid
Eranet International Limited (n/a)
2016-09-03 01:09Payment SiteCerber
52uo5k3t73ypjije.g5196b.bid
Eranet International Limited (n/a)
2016-09-03 00:40Payment SiteCerber
4kqd3hmqgptupi3p.he81tz.bid
Eranet International Limited (n/a)
2016-09-02 23:19Payment SiteCerber
4kqd3hmqgptupi3p.gio6f6.bid
Eranet International Limited (n/a)
2016-09-02 15:43Payment SiteCerber
52uo5k3t73ypjije.myurv5.bid
Eranet International Limited (n/a)
2016-09-02 14:24Distribution SiteLocky
www.valerypro.com
ASCIO TECHNOLOGIES, INC. DANMARK[...]213.205.40.169 (- Italy)
2016-09-02 14:23Distribution SiteLocky
www.impresadeambrosis.it
TISCALIDOMAIN-REG213.205.40.169 (- Italy)
2016-09-02 14:23Distribution SiteLocky
www.empolio.com
ENOM, INC.213.204.1.56 (- Italy)
2016-09-02 14:22Distribution SiteLocky
immobilien1000.de
217.22.207.207 (- Germany)
2016-09-02 14:22Distribution SiteLocky
www.erretisnc.it
TISCALIDOMAIN-REG213.205.40.169 (- Italy)
2016-09-02 14:22Distribution SiteLocky
www.gebrvanorsouw.nl
Tele2 zakelijk62.250.4.180 (- Netherlands)
2016-09-02 14:22Distribution SiteLocky
www.imaginarium.home.ro
ICI - ROTLD81.196.20.133 (- Romania)
2016-09-02 14:22Distribution SiteLocky
www.ediazahar.com
NOMINALIA INTERNET S.L.62.42.230.17 (- Spain)
2016-09-02 14:21Distribution SiteLocky
malwinstall.wang
Todaynic com Inc (n/a)
2016-09-02 14:21Distribution SiteLocky
pp4_09_10_2s.republika.pl
213.180.150.17 (- Poland)
2016-09-02 14:21Distribution SiteLocky
www.mussystems.net
TUCOWS DOMAINS INC.195.238.0.64 (- Belgium)
2016-09-02 14:21Distribution SiteLocky
www.runningmen-mk.de
178.63.40.20 (- Germany)
2016-09-02 14:21Distribution SiteLocky
www.alpstaxi.co.jp
211.134.181.38 (- Japan)
2016-09-02 14:20Distribution SiteLocky
albertowe.cba.pl
Abc Hosting Ltd.95.211.144.65 (- Netherlands)
2016-09-02 14:20Distribution SiteLocky
www.termoalbiate.com
ASCIO TECHNOLOGIES, INC. DANMARK[...]213.205.40.169 (- Italy)
2016-09-02 14:20Distribution SiteLocky
www.alessandrocangiano.com
TUCOWS DOMAINS INC.195.78.215.76 (- Italy)
2016-09-02 14:20Distribution SiteLocky
www.malicioso.net
NOMINALIA INTERNET S.L.62.42.230.17 (- Spain)
2016-09-02 14:18Distribution SiteLocky
www.motortecnica.org
Ascio Technologies, Inc. Danmark[...]213.205.40.169 (- Italy)
2016-09-02 14:18Distribution SiteLocky
www.informaonline.org
Ascio Technologies, Inc. Danmark[...]213.205.40.169 (- Italy)
2016-09-02 14:17Distribution SiteLocky
lokum1985.republika.pl
Domeny.pl sp. z o.o.213.180.150.17 (- Poland)
2016-09-02 14:16Distribution SiteLocky
andante-co.jp
153.149.155.32 (- Japan)
2016-09-02 14:16Distribution SiteLocky
www.anacuamic.com
ENOM, INC.95.211.113.12 (- Netherlands)
2016-09-02 14:16Distribution SiteLocky
clubofmalw.ws
Eranet International Limited (n/a)
2016-09-02 14:16Distribution SiteLocky
abcbureautique.abc.perso.neuf.fr
Société Française du Radioté[...]86.65.123.70 (- France)
2016-09-02 14:15Distribution SiteLocky
danzig.vtrbandaancha.net
REGISTER.COM, INC.200.83.4.62 (- Chile)
2016-09-02 14:15Distribution SiteLocky
www.caminettilcd.it
MCLINK-REG (n/a)
2016-09-02 14:15Distribution SiteLocky
bajkowestokrotki.cba.pl
Abc Hosting Ltd.95.211.144.65 (- Netherlands)
2016-09-02 14:15Distribution SiteLocky
158.195.68.10
n/a
2016-09-02 14:14Distribution SiteLocky
dcqoutlet.es
134.0.11.123 (- Spain)
2016-09-02 14:14Distribution SiteLocky
www.saumi.jazztel.es
62.14.3.195 (- Spain)
2016-09-02 14:13Distribution SiteLocky
www.threshold-online.co.uk
Plusnet Plc t/a Madasafish Broad[...]212.159.8.151 (- United Kingdom) +1 A record(s) 212.159.9.151 (AS6871, - United Kingdom)
2016-09-02 14:13Distribution SiteLocky
srxrun.nobody.jp
112.140.42.29 (- Japan)
2016-09-02 14:12Distribution SiteLocky
news.oboyle.ro
ICI - ROTLD (n/a)
2016-09-02 14:12Distribution SiteLocky
maxshoppppsr.biz
ERANET INTERNATIONAL LIMITED (n/a)
2016-09-02 14:12Distribution SiteLocky
maxshoppppsr.biz
ERANET INTERNATIONAL LIMITED (n/a)
2016-09-02 14:11Distribution SiteLocky
www.cortesidesign.com
ASCIO TECHNOLOGIES, INC. DANMARK[...]213.205.40.169 (- Italy)
2016-09-02 14:11Distribution SiteLocky
bookinghotworld.ws
PDR Ltd. d/b/a PublicDomainRegis[...] (n/a)
2016-09-02 14:11Distribution SiteLocky
postaldigitalrs.com.br
187.45.193.139 (- Brazil)
2016-09-02 14:09Distribution SiteLocky
www.dallaglio-nordin.com
ASCIO TECHNOLOGIES, INC. DANMARK[...]213.205.40.169 (- Italy)
2016-09-02 14:09Distribution SiteLocky
e-gmp.home.ro
ICI - ROTLD81.196.20.133 (- Romania)
2016-09-02 14:07Botnet C&CLocky
eywlmqugxx.info
Dynadot, LLC69.195.129.70 (- United States)
2016-09-02 11:20Payment SiteCerber
unocl45trpuoefft.gg4dgp.bid
Eranet International Limited (n/a)
2016-09-02 11:08Payment SiteCerber
4kqd3hmqgptupi3p.boxtimed.gdn
AlpNames Limited (n/a)
2016-09-02 10:43Payment SiteCerber
52uo5k3t73ypjije.9sfrr0.bid
Eranet International Limited (n/a)
2016-09-02 10:31Payment SiteCerber
4kqd3hmqgptupi3p.effortany.win
Alpnames Limited (n/a)
2016-09-02 10:25Payment SiteCerber
52uo5k3t73ypjije.c3fz3z.bid
Eranet International Limited (n/a)
2016-09-02 10:22Payment SiteCerber
52uo5k3t73ypjije.k8ytej.bid
Eranet International Limited (n/a)
2016-09-02 07:53Distribution SiteLocky
www.montegelato.it
TISCALIDOMAIN-REG213.205.40.169 (- Italy)
2016-09-02 07:51Distribution SiteLocky
rosivani.go.ro
ICI - ROTLD81.196.20.134 (- Romania)
2016-09-02 07:48Distribution SiteLocky
sitio655.vtrbandaancha.net
REGISTER.COM, INC.200.83.4.62 (- Chile)
2016-09-02 07:47Distribution SiteLocky
www.john.edmunds.talktalk.net
ASCIO TECHNOLOGIES, INC. DANMARK[...]62.24.202.31 (- United Kingdom)
2016-09-02 07:44Payment SiteCerber
52uo5k3t73ypjije.ldsl8m.bid
Eranet International Limited (n/a)
2016-09-02 07:34Payment SiteCerber
unocl45trpuoefft.vmomcc.bid
Eranet International Limited (n/a)
2016-09-02 07:27Payment SiteCerber
unocl45trpuoefft.igpfcu.bid
Eranet International Limited (n/a)
2016-09-02 07:13Payment SiteCerber
52uo5k3t73ypjije.4jub4e.bid
Eranet International Limited (n/a)
2016-09-02 06:55Payment SiteCerber
52uo5k3t73ypjije.x9kjcn.bid
Eranet International Limited (n/a)
2016-09-02 06:43Payment SiteCerber
52uo5k3t73ypjije.k0dcd2.bid
Eranet International Limited (n/a)
2016-09-02 06:25Payment SiteCerber
4kqd3hmqgptupi3p.g7kcux.bid
Eranet International Limited (n/a)
2016-09-02 05:26Payment SiteCerber
52uo5k3t73ypjije.kt70uk.bid
Eranet International Limited (n/a)
2016-09-02 05:09Distribution SiteLocky
www.one-clap.jp
202.224.63.6 (- Japan)
2016-09-02 05:08Distribution SiteLocky
josemedina.com
TUCOWS DOMAINS INC.67.225.176.60 (- United States)
2016-09-02 05:08Distribution SiteLocky
www.bytove.jadro.szm.com
GRANSY S.R.O D/B/A SUBREG.CZ85.248.42.103 (- Slovakia)
2016-09-02 05:07Distribution SiteLocky
aivee.koiwazurai.com
GMO INTERNET, INC. DBA ONAMAE.CO[...]112.140.42.29 (- Japan)
2016-09-02 05:07Distribution SiteLocky
sp-moto.ru
REGTIME-RU62.76.44.161 (- Russian Federation)
2016-09-02 05:07Distribution SiteLocky
abcbureautique.abc.perso.neuf.fr
Société Française du Radioté[...]86.65.123.70 (- France)
2016-09-02 05:07Distribution SiteLocky
capannoneinliguria.com
OWN IDENTITY, INC84.33.0.247 (- Italy)
2016-09-02 05:07Distribution SiteLocky
www.plumbntile.talktalk.net
ASCIO TECHNOLOGIES, INC. DANMARK[...]62.24.202.31 (- United Kingdom)
2016-09-02 05:07Distribution SiteLocky
portadeenrolar.ind.br
186.202.126.199 (- Brazil)
2016-09-02 05:06Distribution SiteLocky
www.gsprzemkow.neostrada.pl
AZ.pl Sp. z o.o.217.97.216.17 (- Poland)
2016-09-02 05:06Distribution SiteLocky
194.28.172.166
n/a
2016-09-02 05:06Distribution SiteLocky
www.ccnprodusenaturiste.home.ro
ICI - ROTLD81.196.20.133 (- Romania)
2016-09-02 05:06Distribution SiteLocky
www.john.edmunds.talktalk.net
ASCIO TECHNOLOGIES, INC. DANMARK[...]62.24.202.31 (- United Kingdom)
2016-09-02 05:06Distribution SiteLocky
www.vanetti.it
TISCALIDOMAIN-REG213.205.40.169 (- Italy)
2016-09-02 05:06Distribution SiteLocky
yggithuq.utawebhost.at
195.248.63.109 (- Austria)
2016-09-02 05:06Distribution SiteLocky
sojasaude.com.br
187.45.195.136 (- Brazil)
2016-09-02 05:06Distribution SiteLocky
www.spiritueelcentrumaum.net
TUCOWS DOMAINS INC.195.238.0.64 (- Belgium)
2016-09-02 05:05Distribution SiteLocky
foerschl.gmxhome.de
82.165.62.70 (- Germany)
2016-09-02 05:05Distribution SiteLocky
t-schoener.de
(n/a)
2016-09-02 05:05Distribution SiteLocky
inge28.mytactis.com
OVH (n/a)
2016-09-02 05:05Distribution SiteLocky
www.automac.it
MCLINK-REG195.78.215.76 (- Italy)
2016-09-02 05:04Distribution SiteLocky
www.erretisnc.it
TISCALIDOMAIN-REG213.205.40.169 (- Italy)
2016-09-02 05:04Distribution SiteLocky
toukontoutaukaiazalea.web.fc2.com
INSTRA CORPORATION PTY, LTD.208.71.106.61 (- United States)

# of rows displayed: 100
# of entries in database: 12'899

Page 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 >