Tracker

Ransomware Tracker to distinguishes between the following threats:

Each entry in Ransomware Tracker is tagged to a threat and a malware. Currently, the following Ransomware families are tracked:

New submissions for Ransomware Tracker are warmly welcome. You can send new additions to rt-RintANel@abuse.ch (remove all letters in uppercase). Malware binaries that you suspect to be associated with a certain Ransomware family can be send to rt-malwSOareM@abuse.ch (remove all letters in uppercase) for analysis.

Search

You can search for a host or URL using the following search form:

Set a filter for the list below

Below is a list of Ransomware botnet C&C servers tracked by Ransomware Tracker. You have the possibility to filter the list below using certain pre-defined filters shown below.

General filters: Remove filter (Show all) | Online hosts
Filter by threat: Botnet C&Cs | Payment Sites | Distribution Sites
Filter by malware: TeslaCrypt | CryptoWall | TorrentLocker | PadCrypt | Locky | CTB-Locker | FAKBEN | PayCrypt | DMALocker | Cerber | Sage

Dateadded (UTC)ThreatMalwareHost (?Domain name or IP address used by the Ransomware. The leading dots (Red, Green, Grey) indicate whether the Host is active or not.

Red = Online
Green = Offline
Grey = Unknown
)
Domain Registrar (?In some cases Ransomware Tracker is not able to determine the sponsoring Registrar of a domain name. Thats either because the Registry does not reveal this information in the whois or because the Registry doesn't offer a whois service.)IP address (ASN, Country)
2016-08-31 10:36Payment SiteCerber
unocl45trpuoefft.j8exy2.bid
Eranet International Limited (n/a)
2016-08-31 09:02Payment SiteCerber
4kqd3hmqgptupi3p.csv7o6.bid
Eranet International Limited (n/a)
2016-08-31 08:22Payment SiteCerber
4kqd3hmqgptupi3p.8kcfnk.bid
Eranet International Limited (n/a)
2016-08-31 07:36Payment SiteCerber
4kqd3hmqgptupi3p.masterany.red
Alpnames Limited (n/a)
2016-08-31 05:12Payment SiteCerber
52uo5k3t73ypjije.gio6f6.bid
Eranet International Limited (n/a)
2016-08-31 02:59Payment SiteCerber
52uo5k3t73ypjije.csv7o6.bid
Eranet International Limited (n/a)
2016-08-31 01:19Payment SiteCerber
4kqd3hmqgptupi3p.2y4t6f.bid
Eranet International Limited (n/a)
2016-08-31 00:20Payment SiteCerber
52uo5k3t73ypjije.f0jlbj.bid
Eranet International Limited (n/a)
2016-08-30 23:38Payment SiteCerber
unocl45trpuoefft.o8hpwj.top
Eranet International Limited (n/a)
2016-08-30 22:50Payment SiteCerber
4kqd3hmqgptupi3p.f0jlbj.bid
Eranet International Limited (n/a)
2016-08-30 22:15Payment SiteCerber
52uo5k3t73ypjije.srmlzh.bid
Eranet International Limited (n/a)
2016-08-30 19:43Payment SiteCerber
52uo5k3t73ypjije.2y4t6f.bid
Eranet International Limited (n/a)
2016-08-30 18:59Payment SiteCerber
unocl45trpuoefft.8kcfnk.bid
Eranet International Limited (n/a)
2016-08-30 18:41Payment SiteCerber
52uo5k3t73ypjije.nh47ri.bid
Eranet International Limited (n/a)
2016-08-30 18:40Payment SiteCerber
unocl45trpuoefft.cm5ohx.bid
Eranet International Limited (n/a)
2016-08-30 17:54Payment SiteCerber
52uo5k3t73ypjije.91006j.bid
Eranet International Limited (n/a)
2016-08-30 17:31Payment SiteCerber
unocl45trpuoefft.ks3ghp.bid
Eranet International Limited (n/a)
2016-08-30 17:03Payment SiteCerber
unocl45trpuoefft.m33d4b.bid
Eranet International Limited (n/a)
2016-08-30 16:47Payment SiteCerber
52uo5k3t73ypjije.cm5ohx.bid
Eranet International Limited (n/a)
2016-08-30 16:22Payment SiteCerber
4kqd3hmqgptupi3p.laterugly.win
Alpnames Limited (n/a)
2016-08-30 15:45Payment SiteCerber
wjtqjleommc4z46i.cm5ohx.bid
Eranet International Limited (n/a)
2016-08-30 15:14Payment SiteCerber
52uo5k3t73ypjije.whmykv.bid
Eranet International Limited (n/a)
2016-08-30 15:08Payment SiteCerber
unocl45trpuoefft.whmykv.bid
Eranet International Limited (n/a)
2016-08-30 14:21Distribution SiteLocky
cmacos.com
WHOISNETWORKS CO., LTD.210.116.96.12 (- Korea)
2016-08-30 14:21Distribution SiteLocky
og-kaiserslautern-kft.de
109.237.140.28 (- Germany)
2016-08-30 14:21Distribution SiteLocky
alians-ekb.ru
RU-CENTER-RU85.12.197.61 (- Russian Federation)
2016-08-30 14:21Distribution SiteLocky
www.vilastefania.go.ro
ICI - ROTLD81.196.20.134 (- Romania)
2016-08-30 14:21Distribution SiteLocky
marronbridge.ina-ka.com
GMO INTERNET, INC. DBA ONAMAE.CO[...]112.140.42.29 (- Japan)
2016-08-30 14:21Distribution SiteLocky
wolffram.homepage.t-online.de
80.150.6.138 (- Germany)
2016-08-30 14:21Distribution SiteLocky
www.sand-mechanic.ru
REGTIME-RU194.63.140.183 (- Russian Federation)
2016-08-30 14:20Distribution SiteLocky
nishinomiyaseijunkai.web.fc2.com
INSTRA CORPORATION PTY, LTD.208.71.106.37 (- United States)
2016-08-30 14:20Distribution SiteLocky
arcziuuucity.y0.pl
Abc Hosting Ltd.95.211.144.65 (- Netherlands)
2016-08-30 14:20Distribution SiteLocky
chwiladlaciebie.cba.pl
Abc Hosting Ltd.95.211.144.65 (- Netherlands)
2016-08-30 14:20Distribution SiteLocky
www.dapaluda.it
TISCALIDOMAIN-REG213.205.40.169 (- Italy)
2016-08-30 14:20Distribution SiteLocky
earthkikaku.web.fc2.com
INSTRA CORPORATION PTY, LTD.208.71.106.45 (- United States)
2016-08-30 14:20Distribution SiteLocky
nihilismus.web.fc2.com
INSTRA CORPORATION PTY, LTD.208.71.106.62 (- United States)
2016-08-30 14:20Distribution SiteLocky
gerochan.web.fc2.com
INSTRA CORPORATION PTY, LTD.208.71.106.49 (- United States)
2016-08-30 14:20Distribution SiteLocky
www.lnowak.tkdami.net
OVH88.156.222.94 (- Poland)
2016-08-30 14:20Distribution SiteLocky
www.facturi.go.ro
ICI - ROTLD81.196.20.134 (- Romania)
2016-08-30 14:20Distribution SiteLocky
lacomete52.perso.sfr.fr
Société Française du Radioté[...]86.65.123.70 (- France)
2016-08-30 14:20Distribution SiteLocky
www.artx.strefa.pl
Grupa Interia.pl sp. z o.o. sp. [...]217.74.66.167 (- Poland)
2016-08-30 14:20Distribution SiteLocky
gastrohurt.neostrada.pl
AZ.pl Sp. z o.o.217.97.216.17 (- Poland)
2016-08-30 14:20Distribution SiteLocky
muellerfalk.homepage.t-online.de
80.150.6.138 (- Germany)
2016-08-30 14:20Distribution SiteLocky
rs-nordsee.de
109.237.140.18 (- Germany)
2016-08-30 14:20Distribution SiteLocky
www.shanty-chor-neuengoers.de
81.169.145.224 (- Germany)
2016-08-30 14:20Distribution SiteLocky
www.peritiassicurativi.org
Ascio Technologies, Inc. Danmark[...]213.205.40.169 (- Italy)
2016-08-30 13:12Payment SiteCerber
52uo5k3t73ypjije.jal9lk.bid
Eranet International Limited (n/a)
2016-08-30 12:20Payment SiteCerber
unocl45trpuoefft.c9kp0o.bid
Eranet International Limited (n/a)
2016-08-30 11:44Payment SiteCerber
unocl45trpuoefft.uso3z0.bid
Eranet International Limited (n/a)
2016-08-30 11:08Distribution SiteLocky
www.roghmann-net.de
(n/a)
2016-08-30 11:08Distribution SiteLocky
kikorpo.com.br
187.45.193.168 (- Brazil)
2016-08-30 11:08Distribution SiteLocky
www.alcamo.org
Ascio Technologies, Inc. Danmark[...]213.205.40.169 (- Italy)
2016-08-30 11:08Distribution SiteLocky
bestcheats.cba.pl
Abc Hosting Ltd.95.211.144.65 (- Netherlands)
2016-08-30 11:08Distribution SiteLocky
www.lothaller.net
EPAG DOMAINSERVICES GMBH77.244.243.38 (- Austria)
2016-08-30 11:08Distribution SiteLocky
bzn.c0.pl
Abc Hosting Ltd.95.211.144.65 (- Netherlands)
2016-08-30 11:08Distribution SiteLocky
www.danzenicolas.it
TISCALIDOMAIN-REG213.205.40.169 (- Italy)
2016-08-30 11:08Distribution SiteLocky
akihitomu.web.fc2.com
INSTRA CORPORATION PTY, LTD.208.71.106.61 (- United States)
2016-08-30 11:08Distribution SiteLocky
www.fabioalbini.com
TUCOWS DOMAINS INC.195.78.215.76 (- Italy)
2016-08-30 11:08Distribution SiteLocky
hacca.kitunebi.com
GMO INTERNET, INC. DBA ONAMAE.CO[...]112.140.42.29 (- Japan)
2016-08-30 11:08Distribution SiteLocky
ra-russold.com
KEY-SYSTEMS GMBH86.59.4.231 (- Austria)
2016-08-30 11:08Distribution SiteLocky
11011020.web.fc2.com
INSTRA CORPORATION PTY, LTD.208.71.106.37 (- United States)
2016-08-30 11:08Distribution SiteLocky
www.spartania.de
81.169.145.194 (- Germany)
2016-08-30 11:08Distribution SiteLocky
pruszcz.cba.pl
Abc Hosting Ltd.95.211.144.65 (- Netherlands)
2016-08-30 11:07Distribution SiteLocky
teixeiraonline.com.br
(n/a)
2016-08-30 11:07Distribution SiteLocky
westcolors.web.fc2.com
INSTRA CORPORATION PTY, LTD.208.71.106.62 (- United States)
2016-08-30 11:07Distribution SiteLocky
kikorpo.com.br
187.45.193.168 (- Brazil)
2016-08-30 11:07Distribution SiteLocky
externografico.com
10DENCEHISPAHARD, S.L134.0.10.36 (- Spain)
2016-08-30 11:07Distribution SiteLocky
www.almaservice.it
TISCALIDOMAIN-REG31.11.34.33 (- Italy)
2016-08-30 11:07Distribution SiteLocky
www.mocca-lounge.at
81.19.145.91 (- Austria)
2016-08-30 11:07Distribution SiteLocky
gonjiri64.web.fc2.com
INSTRA CORPORATION PTY, LTD.208.71.106.45 (- United States)
2016-08-30 11:07Distribution SiteLocky
chchic.web.fc2.com
INSTRA CORPORATION PTY, LTD.208.71.106.41 (- United States)
2016-08-30 11:07Distribution SiteLocky
jonpickerill.co.uk
Nuco Technologies Ltd t/a Host-i[...]194.150.252.101 (- United Kingdom)
2016-08-30 11:07Distribution SiteLocky
www.placetel.es
62.42.230.17 (- Spain)
2016-08-30 11:07Distribution SiteLocky
www.gabinator.republika.pl
Domeny.pl sp. z o.o.213.180.150.17 (- Poland)
2016-08-30 11:07Distribution SiteLocky
xremx.web.fc2.com
INSTRA CORPORATION PTY, LTD.208.71.106.48 (- United States)
2016-08-30 11:07Distribution SiteLocky
madziaadam.republika.pl
Domeny.pl sp. z o.o.213.180.150.17 (- Poland)
2016-08-30 11:07Distribution SiteLocky
michikawano.web.fc2.com
INSTRA CORPORATION PTY, LTD.208.71.106.49 (- United States)
2016-08-30 11:07Distribution SiteLocky
www.vanachte.be
Telenet BVBA195.130.132.84 (- Belgium)
2016-08-30 11:07Distribution SiteLocky
www.opiekanadogrodem.pl
Michau Enterprises Ltd.95.211.144.65 (- Netherlands)
2016-08-30 11:07Distribution SiteLocky
87.106.38.204
n/a
2016-08-30 11:07Distribution SiteLocky
www.faberpoli.it
TISCALIDOMAIN-REG213.205.40.169 (- Italy)
2016-08-30 11:06Distribution SiteLocky
msnobu.web.fc2.com
INSTRA CORPORATION PTY, LTD.208.71.106.37 (- United States)
2016-08-30 11:06Distribution SiteLocky
www.microsap.it
TISCALIDOMAIN-REG213.205.40.169 (- Italy)
2016-08-30 10:24Payment SiteCerber
unocl45trpuoefft.csv7o6.bid
Eranet International Limited (n/a)
2016-08-30 10:19Payment SiteCerber
52uo5k3t73ypjije.249isv.bid
Eranet International Limited (n/a)
2016-08-30 10:09Payment SiteCerber
unocl45trpuoefft.gio6f6.bid
Eranet International Limited (n/a)
2016-08-30 04:57Payment SiteCerber
52uo5k3t73ypjije.o8hpwj.top
Eranet International Limited (n/a)
2016-08-30 01:57Payment SiteCerber
unocl45trpuoefft.ageshere.club
Alpnames Limited (n/a)
2016-08-30 00:20Payment SiteCerber
unocl45trpuoefft.lak8wd.bid
Eranet International Limited (n/a)
2016-08-29 23:39Payment SiteCerber
52uo5k3t73ypjije.sdfztr.bid
Eranet International Limited (n/a)
2016-08-29 20:51Payment SiteCerber
unocl45trpuoefft.2y4t6f.bid
Eranet International Limited (n/a)
2016-08-29 20:47Payment SiteCerber
52uo5k3t73ypjije.8kcfnk.bid
Eranet International Limited (n/a)
2016-08-29 19:19Payment SiteCerber
4kqd3hmqgptupi3p.a0g0o7.bid
Eranet International Limited (n/a)
2016-08-29 18:21Payment SiteCerber
52uo5k3t73ypjije.nxmu0x.bid
Eranet International Limited (n/a)
2016-08-29 16:12Payment SiteCerber
unocl45trpuoefft.idw6s5.bid
Eranet International Limited (n/a)
2016-08-29 14:26Payment SiteCerber
unocl45trpuoefft.i1wcrl.bid
Eranet International Limited (n/a)
2016-08-29 10:52Payment SiteCerber
4kqd3hmqgptupi3p.whmykv.bid
Eranet International Limited (n/a)
2016-08-29 09:18Payment SiteCerber
unocl45trpuoefft.moonsides.faith
Alpnames Limited (n/a)
2016-08-29 07:51Botnet C&CLocky
trxswbwxhr.xyz
Registrar of Domain Names REG.RU[...]91.226.92.208 (- Russian Federation)
2016-08-29 07:31Botnet C&CLocky
195.64.154.114
195.64.154.114 (- Ukraine)

# of rows displayed: 100
# of entries in database: 12'829

Page 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 >