Tracker

Ransomware Tracker to distinguishes between the following threats:

Each entry in Ransomware Tracker is tagged to a threat and a malware. Currently, the following Ransomware families are tracked:

New submissions for Ransomware Tracker are warmly welcome. You can send new additions to rt-RintANel@abuse.ch (remove all letters in uppercase). Malware binaries that you suspect to be associated with a certain Ransomware family can be send to rt-malwSOareM@abuse.ch (remove all letters in uppercase) for analysis.

Search

You can search for a host or URL using the following search form:

Set a filter for the list below

Below is a list of Ransomware botnet C&C servers tracked by Ransomware Tracker. You have the possibility to filter the list below using certain pre-defined filters shown below.

General filters: Remove filter (Show all) | Online hosts
Filter by threat: Botnet C&Cs | Payment Sites | Distribution Sites
Filter by malware: TeslaCrypt | CryptoWall | TorrentLocker | PadCrypt | Locky | CTB-Locker | FAKBEN | PayCrypt | DMALocker | Cerber

Dateadded (UTC)ThreatMalwareHost (?Domain name or IP address used by the Ransomware. The leading dots (Red, Green, Grey) indicate whether the Host is active or not.

Red = Online
Green = Offline
Grey = Unknown
)
Domain Registrar (?In some cases Ransomware Tracker is not able to determine the sponsoring Registrar of a domain name. Thats either because the Registry does not reveal this information in the whois or because the Registry doesn't offer a whois service.)IP address (ASN, Country)
2016-02-22 07:49Payment SiteLocky
6dtxgqam4crv6rr6.onion.cab
InterNetworX Ltd. & Co. KG85.25.214.50 (- Germany)
2016-02-21 15:23Botnet C&CLocky
188.138.88.184
188.138.88.184 (- Germany)
2016-02-21 13:37Botnet C&CLocky
31.184.233.106
31.184.233.106 (- Russian Federation)
2016-02-20 15:45Payment SiteFAKBEN
24fkxhnr3cdtvwmy.onion.nu
WorldNames, Inc188.213.49.65 (- Romania) +1 A record(s) 46.36.37.82 (AS47381, - Czech Republic)
2016-02-20 15:44Payment SiteFAKBEN
24fkxhnr3cdtvwmy.onion.link
103.198.0.2 (- Singapore)
2016-02-20 15:43Payment SiteFAKBEN
24fkxhnr3cdtvwmy.onion.to
185.100.85.150 (- Romania) +1 A record(s) 192.36.27.5 (AS60729, - Sweden)
2016-02-20 15:29Botnet C&CCTB-Locker
zsn5qtrgfpu4tmpg.onion.lt
Gandi Sas82.94.251.220 (- Netherlands)
2016-02-20 15:29Botnet C&CCTB-Locker
zsn5qtrgfpu4tmpg.onion.gq
192.42.118.104 (- Netherlands)
2016-02-20 13:37Botnet C&CCryptoWall
frame3d.de
178.254.10.169 (- Germany)
2016-02-20 11:21Botnet C&CCryptoWall
autohaus-seevetal.com
CRONON AG81.169.145.162 (- Germany)
2016-02-20 11:21Botnet C&CCryptoWall
bisofit.com
ONLINENIC, INC.185.68.16.111 (- Ukraine)
2016-02-20 11:21Botnet C&CCryptoWall
www.healthstafftravel.com.au
GoDaddy.com, LLC64.207.186.229 (- United States)
2016-02-20 10:39Botnet C&CLocky
31.41.47.37
31.41.47.37 (- Russian Federation)
2016-02-20 10:39Botnet C&CLocky
gitybdjgbxd.nl
Gandi98.143.148.173 (- United States)
2016-02-20 10:39Botnet C&CLocky
svkjhguk.ru
101DOMAIN-RU195.22.28.199 (- Portugal)
2016-02-20 10:27Payment SiteTeslaCrypt
5rport45vcdef345adfkksawe.bematvocal.at
(n/a)
2016-02-20 10:27Payment SiteTeslaCrypt
b4youfred5485jgsa3453f.italazudda.com
KEY-SYSTEMS GMBH216.218.135.114 (- United States)
2016-02-20 10:27Payment SiteTeslaCrypt
prest54538hnksjn4kjfwdbhwere.hotchunman.com
KEY-SYSTEMS GMBH216.218.135.114 (- United States)
2016-02-19 18:19Botnet C&CLocky
pvwinlrmwvccuo.eu
OnlineNIC Inc185.46.11.239 (- Russian Federation)
2016-02-19 17:19Botnet C&CTeslaCrypt
iglesiaelrenacer.com
GODADDY.COM, LLC160.153.76.161 (- United States)
2016-02-19 16:13Botnet C&CCryptoWall
aditaborai.com.br
108.179.192.88 (- United States)
2016-02-19 14:03Botnet C&CLocky
85.25.138.187
85.25.138.187 (- Germany)
2016-02-19 05:13Botnet C&CCryptoWall
theassemblyguy.co.nz
103.40.81.47 (- New Zealand)
2016-02-19 05:13Botnet C&CCryptoWall
www.001edizioni.com
TUCOWS DOMAINS INC.95.110.230.190 (- Italy)
2016-02-18 18:33Botnet C&CLocky
94.242.57.45
94.242.57.45 (- Russian Federation)
2016-02-18 13:48Botnet C&CLocky
46.4.239.76
46.4.239.76 (- Germany)
2016-02-18 13:37Botnet C&CLocky
185.14.30.97
185.14.30.97 (- Netherlands)
2016-02-18 12:32Botnet C&CLocky
dltvwp.it
ITDOMAINS-REG104.238.173.18 (- United Kingdom)
2016-02-18 12:32Botnet C&CLocky
uxvvm.us
DYNADOT LLC69.195.129.70 (- United States)
2016-02-18 11:31Botnet C&CTeslaCrypt
dongxinh.com
ONLINENIC, INC.103.27.60.14 (- Vietnam)
2016-02-18 10:44Botnet C&CTeslaCrypt
dustywinslow.com
ENOM, INC.108.174.112.194 (- United States)
2016-02-18 10:44Botnet C&CLocky
95.181.171.58
95.181.171.58 (- Russian Federation)
2016-02-18 10:44Botnet C&CLocky
kqlxtqptsmys.in
101domain, Inc. (R115-AFIN)195.22.28.198 (- Portugal)
2016-02-18 02:36Botnet C&CLocky
195.154.241.208
195.154.241.208 (- France)
2016-02-17 17:57Botnet C&CLocky
fnarsipfqe.pw
Namecheap45.56.77.175 (- United States)
2016-02-17 17:57Botnet C&CLocky
sdwempsovemtr.yt
EURODNS S.A.45.56.77.175 (- United States)
2016-02-17 14:59Botnet C&CLocky
kpybuhnosdrm.in
101domain, Inc. (R115-AFIN)n/a
2016-02-17 14:59Botnet C&CLocky
luvenxj.uk
Dynadot, LLC t/a Dynadot69.195.129.70 (- United States)
2016-02-17 14:59Botnet C&CLocky
xfyubqmldwvuyar.yt
NETIM104.238.173.18 (- United Kingdom)
2016-02-17 14:37Botnet C&CLocky
dkoipg.pw
Regtime Ltdn/a
2016-02-17 12:07Botnet C&CTeslaCrypt
lovemydress.pl
home.pl S.A.79.96.7.15 (- Poland)
2016-02-16 13:29Botnet C&CLocky
195.64.154.14
195.64.154.14 (- Ukraine)
2016-02-16 08:32Botnet C&CLocky
86.104.134.144
86.104.134.144 (- Moldova)
2016-02-15 13:41Botnet C&CTeslaCrypt
ekop.org
Nics Telekomunikasyon Ticaret Lt[...]94.73.150.60 (- Turkey)
2016-02-15 10:20Botnet C&CTeslaCrypt
mosaudit.com
REGISTRAR OF DOMAIN NAMES REG.RU[...]81.177.140.144 (- Russian Federation)
2016-02-14 03:16Botnet C&CTeslaCrypt
yoyoeventos.com
ENOM, INC.187.45.240.67 (- Brazil)
2016-02-13 19:53Botnet C&CCryptoWall
madisonbootcamps.com
GODADDY.COM, LLC50.63.64.23 (- United States)
2016-02-13 09:12Botnet C&CCryptoWall
millsmanagement.nl
Hosting2GO B.V.83.137.194.38 (- Netherlands)
2016-02-13 01:15Botnet C&CCryptoWall
nonnuoccaobang.com
P.A. VIET NAM COMPANY LIMITED113.52.45.94 (- Vietnam)
2016-02-10 18:46Botnet C&CCryptoWall
italyprego.com
GODADDY.COM, LLC78.110.50.154 (- Russian Federation)
2016-02-10 02:18Botnet C&CCryptoWall
www.kadinweb.net
NICS TELEKOMUNIKASYON TICARET LT[...]185.8.33.117 (- Turkey)
2016-02-09 10:08Botnet C&CTeslaCrypt
dunyamuzelerimuzesi.com
NICS TELEKOMUNIKASYON TICARET LT[...]94.73.148.60 (- Turkey)
2016-02-09 10:08Botnet C&CTeslaCrypt
iicsdrd.com
GODADDY.COM, LLC205.144.171.9 (- United States)
2016-02-08 22:32Botnet C&CCryptoWall
www.plexipr.com
ENOM, INC.65.98.35.114 (- United States)
2016-02-08 06:09Botnet C&CCryptoWall
www.bishopbell.co.uk
123-Reg Limited t/a 123-reg217.177.8.89 (- United Kingdom)
2016-02-08 05:56Botnet C&CCryptoWall
studiolegalecsb.it
REGISTER-REG104.47.161.9 (- United States)
2016-02-08 05:54Botnet C&CCryptoWall
smartnote.co
WILD WEST DOMAINS, INC.184.168.68.65 (- United States)
2016-02-06 20:05Botnet C&CCryptoWall
dechehang.com
HICHINA ZHICHENG TECHNOLOGY LTD.112.124.96.107 (- China)
2016-02-06 08:22Botnet C&CCryptoWall
www.feddoctor.com
GODADDY.COM, LLC192.163.206.61 (- United States)
2016-02-05 16:59Botnet C&CCryptoWall
portret-tekening.nl
Hosting2GO B.V.83.137.194.115 (- Netherlands)
2016-02-05 05:35Botnet C&CCryptoWall
ascortimisoara.ro
ICI - ROTLD86.105.207.51 (- Romania)
2016-02-04 22:49Botnet C&CTeslaCrypt
zavidovodom.com
ENOM, INC.78.110.50.137 (- Russian Federation)
2016-02-03 15:07Botnet C&CTeslaCrypt
southinstrument.org
Key-Systems GmbH212.85.98.241 (- Poland)
2016-02-01 20:17Botnet C&CTeslaCrypt
wefindco.com
GODADDY.COM, LLC107.182.238.196 (- United States)
2016-02-01 20:17Botnet C&CTeslaCrypt
westhollywooddentaloffice.com
PDR LTD. D/B/A PUBLICDOMAINREGIS[...]184.168.24.1 (- United States)
2016-02-01 06:07Botnet C&CTeslaCrypt
surusegitimmerkezi.com
NICS TELEKOMUNIKASYON TICARET LT[...]94.73.151.173 (- Turkey)
2016-01-30 23:01Botnet C&CCryptoWall
8vs.com
ENAME TECHNOLOGY CO., LTD.162.212.35.42 (- United States)
2016-01-30 22:59Botnet C&CCryptoWall
glitchygaming.com
ENOM, INC.72.51.43.203 (- United States)
2016-01-30 12:47Botnet C&CCryptoWall
grochowina.net
PDR LTD. D/B/A PUBLICDOMAINREGIS[...]188.116.35.23 (- Poland)
2016-01-30 11:34Botnet C&CCryptoWall
tcblog.de
212.90.148.111 (- Germany)
2016-01-27 21:50Botnet C&CTeslaCrypt
toysfortheneedyandaid.org
eNom, Inc.97.107.141.123 (- United States)
2016-01-27 10:28Botnet C&CCryptoWall
dining-bar.com
GMO INTERNET, INC. DBA ONAMAE.CO[...]203.189.109.152 (- Japan)
2016-01-27 08:58Botnet C&CCryptoWall
london-escorts-agency.org.uk
Namesco Limited178.32.72.112 (- France)
2016-01-26 06:17Botnet C&CCryptoWall
event-travel.co.uk
eNom, Inc.178.32.72.113 (- France)
2016-01-26 06:03Botnet C&CCryptoWall
mangohills.net
ONLINENIC, INC.107.170.239.172 (- United States)
2016-01-25 23:27Botnet C&CCryptoWall
jadwalpialadunia.in
Crazy Domains FZ-LLC (R160-AFIN)104.219.251.2 (- United States)
2016-01-25 19:54Botnet C&CCryptoWall
aspectdesigns.com.au
NetRegistry101.2.169.10 (- Australia)
2016-01-23 00:38Botnet C&CCryptoWall
inspirenetworks.in
Webiq Domains Solutions Pvt. Ltd[...]103.10.191.39 (- India)
2016-01-21 02:47Botnet C&CCryptoWall
cheapshirts.us
PDR LTD. D/B/A PUBLICDOMAINREGIS[...]123.30.187.106 (- Vietnam)
2016-01-20 13:20Botnet C&CCryptoWall
bktrade.kiev.ua
ua.freehost178.20.153.56 (- Ukraine)
2016-01-20 02:30Botnet C&CCryptoWall
patrianossa.com.br
23.89.198.195 (- United States)
2016-01-20 02:06Botnet C&CCryptoWall
silstop.pl
AZ.pl Sp. z o.o.46.41.144.45 (- Poland)
2016-01-18 10:01Botnet C&CCryptoWall
portalmaismidia.com.br
69.162.96.195 (- United States)
2016-01-16 09:23Botnet C&CCryptoWall
weberteam.hu
195.228.152.23 (- Hungary)
2016-01-14 11:17Botnet C&CCryptoWall
procrediti.com.ua
ua.nic62.109.23.126 (- Russian Federation)
2016-01-14 11:17Botnet C&CCryptoWall
www.gjscomputerservices.com.au
NetRegistry125.214.74.70 (- Australia)
2016-01-14 08:59Botnet C&CCryptoWall
ilovesport.kiev.ua
ua.ukraine185.68.16.13 (- Ukraine)
2016-01-13 09:46Botnet C&CCryptoWall
babylicious.ie
89.36.25.168 (- Romania)
2016-01-11 19:12Botnet C&CCryptoWall
fun-pop.com
SHANGHAI YOVOLE NETWORKS INC.121.40.201.95 (- China)
2016-01-09 06:13Botnet C&CCryptoWall
d3mpd.fe.uns.ac.id
203.6.149.68 (- Indonesia)
2016-01-01 22:39Botnet C&CCryptoWall
icsot.na.its.ac.id
202.46.129.104 (- Indonesia)
2015-12-29 20:36Botnet C&CCryptoWall
emprende21.es
185.37.226.57 (- Spain)
2015-12-29 19:54Botnet C&CCryptoWall
k264.hu
87.229.51.98 (- Hungary)
2015-12-21 22:06Botnet C&CCryptoWall
kuruyaprak.com
NICS TELEKOMUNIKASYON TICARET LT[...]178.33.84.115 (- France)
2015-12-13 15:43Botnet C&CCryptoWall
allstarpaintbody.com
TUCOWS DOMAINS INC.64.207.146.127 (- United States)
2015-12-11 17:49Botnet C&CCryptoWall
arttoday.sk
92.240.253.3 (- Slovakia)
2015-12-10 08:36Botnet C&CCryptoWall
7-eleven-handbags.com
CHENGDU WEST DIMENSION DIGITAL T[...]23.89.109.22 (- United States)
2015-12-01 20:46Botnet C&CCryptoWall
balkanium.altervista.org
Tucows Inc.104.28.22.51 (- United States)
2015-11-26 10:11Botnet C&CCryptoWall
arot.altervista.org
Tucows Inc.104.28.15.54 (- United States)
2015-11-14 16:40Botnet C&CCryptoWall
anime-tuner.square7.ch
INWX AG148.251.48.69 (- Germany)

# of rows displayed: 100
# of entries in database: 9'210

Page 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 >