Tracker

Ransomware Tracker to distinguishes between the following threats:

Each entry in Ransomware Tracker is tagged to a threat and a malware. Currently, the following Ransomware families are tracked:

New submissions for Ransomware Tracker are warmly welcome. You can send new additions to rt-RintANel@abuse.ch (remove all letters in uppercase). Malware binaries that you suspect to be associated with a certain Ransomware family can be send to rt-malwSOareM@abuse.ch (remove all letters in uppercase) for analysis.

Search

You can search for a host or URL using the following search form:

Set a filter for the list below

Below is a list of Ransomware botnet C&C servers tracked by Ransomware Tracker. You have the possibility to filter the list below using certain pre-defined filters shown below.

General filters: Remove filter (Show all) | Online hosts
Filter by threat: Botnet C&Cs | Payment Sites | Distribution Sites
Filter by malware: TeslaCrypt | CryptoWall | TorrentLocker | PadCrypt | Locky | CTB-Locker | FAKBEN | PayCrypt | DMALocker | Cerber | Sage

Dateadded (UTC)ThreatMalwareHost (?Domain name or IP address used by the Ransomware. The leading dots (Red, Green, Grey) indicate whether the Host is active or not.

Red = Online
Green = Offline
Grey = Unknown
)
Domain Registrar (?In some cases Ransomware Tracker is not able to determine the sponsoring Registrar of a domain name. Thats either because the Registry does not reveal this information in the whois or because the Registry doesn't offer a whois service.)IP address (ASN, Country)
2016-08-29 00:35Payment SiteCerber
wjtqjleommc4z46i.249isv.bid
Eranet International Limited (n/a)
2016-08-28 22:24Payment SiteCerber
4kqd3hmqgptupi3p.variedtax.kim
Alpnames Limited (n/a)
2016-08-28 21:02Payment SiteCerber
4kqd3hmqgptupi3p.o8hpwj.top
Eranet International Limited (n/a)
2016-08-28 18:32Payment SiteCerber
unocl45trpuoefft.he81tz.bid
Eranet International Limited (n/a)
2016-08-28 18:27Payment SiteCerber
4kqd3hmqgptupi3p.y12acl.bid
Eranet International Limited (n/a)
2016-08-28 17:48Payment SiteCerber
52uo5k3t73ypjije.s2xb1s.bid
Eranet International Limited (n/a)
2016-08-28 17:47Payment SiteCerber
52uo5k3t73ypjije.hawtzr.bid
Eranet International Limited (n/a)
2016-08-28 17:38Payment SiteCerber
unocl45trpuoefft.54drms.bid
Eranet International Limited (n/a)
2016-08-28 17:36Payment SiteCerber
52uo5k3t73ypjije.uwckha.top
Eranet International Limited (n/a)
2016-08-28 17:35Payment SiteCerber
52uo5k3t73ypjije.gg4dgp.bid
Eranet International Limited (n/a)
2016-08-28 01:20Payment SiteCerber
52uo5k3t73ypjije.kas17.com
ERANET INTERNATIONAL LIMITED (n/a)
2016-08-28 00:12Payment SiteCerber
52uo5k3t73ypjije.mbwxyg.bid
Eranet International Limited (n/a)
2016-08-27 23:58Payment SiteCerber
unocl45trpuoefft.freshsdog.loan
Alpnames Limited (n/a)
2016-08-27 22:22Payment SiteCerber
52uo5k3t73ypjije.o5xcnd.bid
Eranet International Limited (n/a)
2016-08-27 21:26Payment SiteCerber
4kqd3hmqgptupi3p.249isv.bid
Eranet International Limited (n/a)
2016-08-27 18:02Payment SiteCerber
52uo5k3t73ypjije.94ycl8.bid
Eranet International Limited (n/a)
2016-08-27 18:01Botnet C&CLocky
wvltrlrnf.xyz
Namecheap208.100.26.234 (- United States)
2016-08-27 17:53Payment SiteCerber
4kqd3hmqgptupi3p.jal9lk.bid
Eranet International Limited (n/a)
2016-08-27 17:43Payment SiteCerber
wjtqjleommc4z46i.uwckha.top
Eranet International Limited (n/a)
2016-08-27 17:40Payment SiteCerber
4kqd3hmqgptupi3p.salethe.gdn
AlpNames Limited (n/a)
2016-08-27 17:37Payment SiteCerber
52uo5k3t73ypjije.loanshown.info
Alpnames Limited (n/a)
2016-08-27 16:55Payment SiteCerber
4kqd3hmqgptupi3p.nh47ri.bid
Eranet International Limited (n/a)
2016-08-27 16:41Payment SiteCerber
52uo5k3t73ypjije.p0lxvm.bid
Eranet International Limited (n/a)
2016-08-27 14:23Payment SiteCerber
52uo5k3t73ypjije.6j7jcn.bid
Eranet International Limited (n/a)
2016-08-27 01:48Payment SiteCerber
52uo5k3t73ypjije.u50s89.bid
Eranet International Limited (n/a)
2016-08-27 01:09Payment SiteCerber
52uo5k3t73ypjije.5tb8hy.bid
Eranet International Limited (n/a)
2016-08-27 00:35Payment SiteCerber
4kqd3hmqgptupi3p.nxmu0x.bid
Eranet International Limited (n/a)
2016-08-26 23:58Payment SiteCerber
unocl45trpuoefft.mbwxyg.bid
Eranet International Limited (n/a)
2016-08-26 23:34Payment SiteCerber
wjtqjleommc4z46i.salethe.gdn
AlpNames Limited (n/a)
2016-08-26 14:26Payment SiteCerber
unocl45trpuoefft.n20b1c.top
Eranet International Limited (n/a)
2016-08-26 14:18Payment SiteCerber
unocl45trpuoefft.vlwbcz.bid
Eranet International Limited (n/a)
2016-08-26 13:33Payment SiteCerber
wjtqjleommc4z46i.z7uxzg.bid
Eranet International Limited (n/a)
2016-08-26 12:29Payment SiteCerber
unocl45trpuoefft.na2iuz.bid
Eranet International Limited (n/a)
2016-08-26 11:48Payment SiteCerber
52uo5k3t73ypjije.yrd7v5.bid
Eranet International Limited (n/a)
2016-08-26 11:15Payment SiteCerber
52uo5k3t73ypjije.26lpul.bid
Eranet International Limited (n/a)
2016-08-26 10:24Payment SiteCerber
52uo5k3t73ypjije.7156et.bid
Eranet International Limited (n/a)
2016-08-26 08:38Distribution SiteLocky
www.caffematto.it
TISCALIDOMAIN-REG213.205.40.169 (- Italy)
2016-08-26 08:37Distribution SiteLocky
tpllaw.com
DOMAINPEOPLE, INC.216.87.186.90 (- United States)
2016-08-26 08:36Distribution SiteLocky
www.fenit.net
ASCIO TECHNOLOGIES, INC. DANMARK[...]213.205.40.169 (- Italy)
2016-08-26 08:35Distribution SiteLocky
www.imaginarium.home.ro
ICI - ROTLD81.196.20.133 (- Romania)
2016-08-26 08:34Distribution SiteLocky
www.agriturismoigirasoli.it
TISCALIDOMAIN-REG213.205.40.169 (- Italy)
2016-08-26 08:34Distribution SiteLocky
www.saumi.jazztel.es
62.14.3.195 (- Spain)
2016-08-26 08:34Distribution SiteLocky
spic.bakufu.org
GMO Internet, Inc. d/b/a Onamae.[...]112.140.42.29 (- Japan)
2016-08-26 08:33Distribution SiteLocky
abcbureautique.abc.perso.neuf.fr
Société Française du Radioté[...]86.65.123.70 (- France)
2016-08-26 08:32Distribution SiteLocky
www.dialektika.extra.hu
(n/a)
2016-08-26 08:31Distribution SiteLocky
immobilien1000.de
217.22.207.207 (- Germany)
2016-08-26 08:29Payment SiteCerber
4kqd3hmqgptupi3p.yg767p.bid
Eranet International Limited (n/a)
2016-08-26 06:42Payment SiteCerber
52uo5k3t73ypjije.w8yolm.bid
Eranet International Limited (n/a)
2016-08-26 01:34Payment SiteCerber
52uo5k3t73ypjije.lio2wr.bid
Eranet International Limited (n/a)
2016-08-25 20:20Payment SiteCerber
wjtqjleommc4z46i.t4jp3w.bid
Eranet International Limited (n/a)
2016-08-25 18:33Payment SiteCerber
4kqd3hmqgptupi3p.gameswarm.loan
Alpnames Limited (n/a)
2016-08-25 18:08Payment SiteCerber
4kqd3hmqgptupi3p.themevery.win
Alpnames Limited (n/a)
2016-08-25 17:19Payment SiteCerber
unocl45trpuoefft.at9gwv.bid
Eranet International Limited (n/a)
2016-08-25 15:56Payment SiteCerber
unocl45trpuoefft.lio2wr.bid
Eranet International Limited (n/a)
2016-08-25 14:32Payment SiteCerber
unocl45trpuoefft.metpast.date
Alpnames Limited (n/a)
2016-08-25 12:14Distribution SiteLocky
www.peterswebsite.dommel.be
SCHEDOM NV / DOMMEL.COM193.109.184.81 (- Belgium)
2016-08-25 12:14Distribution SiteLocky
69.61.11.216
n/a
2016-08-25 12:14Botnet C&CLocky
fqoapcjolfwwenqx.pw
Registrar of Domain Names REG.RU[...]91.226.92.208 (- Russian Federation)
2016-08-25 12:14Botnet C&CLocky
51.254.55.171
51.254.55.171 (- France)
2016-08-25 12:14Distribution SiteLocky
csegurosural.com
DINAHOSTING SL82.98.160.76 (- Spain)
2016-08-25 12:14Distribution SiteLocky
df2lh.privat.t-online.de
80.150.6.138 (- Germany)
2016-08-25 12:13Distribution SiteLocky
www.leprimodels.it
TISCALIDOMAIN-REG31.11.34.87 (- Italy)
2016-08-25 12:13Distribution SiteLocky
gerhard-schudok.de
(n/a)
2016-08-25 12:13Distribution SiteLocky
pvdbosch.dommel.be
SCHEDOM NV / DOMMEL.COM193.109.184.81 (- Belgium)
2016-08-25 12:12Distribution SiteLocky
moussayer.dommel.be
SCHEDOM NV / DOMMEL.COM193.109.184.81 (- Belgium)
2016-08-25 10:52Payment SiteCerber
52uo5k3t73ypjije.ij0cia.bid
Eranet International Limited (n/a)
2016-08-25 09:50Payment SiteCerber
52uo5k3t73ypjije.insystem.men
Alpnames Limited (n/a)
2016-08-25 08:25Distribution SiteLocky
www.sp-moto.ru
REGTIME-RU37.230.114.67 (- Russian Federation)
2016-08-25 08:25Distribution SiteLocky
www.kuldkaru.ee
Zone Media OÜ212.7.7.85 (- Estonia)
2016-08-25 08:25Distribution SiteLocky
lima-acoustics.com
MESH DIGITAL LIMITED83.169.7.208 (- Germany)
2016-08-25 08:25Distribution SiteLocky
blossom0012.web.fc2.com
INSTRA CORPORATION PTY, LTD.208.71.106.48 (- United States)
2016-08-25 08:25Distribution SiteLocky
bluepierrotnodanoni.web.fc2.com
INSTRA CORPORATION PTY, LTD.208.71.106.62 (- United States)
2016-08-25 08:25Distribution SiteLocky
www.mbeccarini.com
ASCIO TECHNOLOGIES, INC. DANMARK[...]213.205.40.169 (- Italy)
2016-08-25 08:24Distribution SiteLocky
www.macro1990.it
TISCALIDOMAIN-REG89.40.172.12 (- Italy)
2016-08-25 08:24Distribution SiteLocky
da-fortunato.de
(n/a)
2016-08-25 08:24Distribution SiteLocky
wgg985gsd.homepage.t-online.de
80.150.6.138 (- Germany)
2016-08-25 08:24Distribution SiteLocky
www.geocities.jp
118.151.231.178 (- Japan) +2 A record(s) 118.151.231.179 (AS23816, - Japan)
118.151.231.180 (AS23816, - Japan)
2016-08-25 08:24Distribution SiteLocky
spichki.in.ua
185.67.1.94 (- Ukraine)
2016-08-25 08:24Distribution SiteLocky
diskobil.dk
94.231.109.70 (- Denmark)
2016-08-25 08:23Distribution SiteLocky
www.leuchten-modelle.de
81.169.145.161 (- Germany)
2016-08-25 08:23Distribution SiteLocky
www.bebrudy.com
ASCIO TECHNOLOGIES, INC. DANMARK[...] (n/a)
2016-08-25 08:23Distribution SiteLocky
antopisanelli.interfree.it
REGISTER-REG80.91.55.51 (- Italy)
2016-08-25 08:23Distribution SiteLocky
www.panetteriagiacosa.it
TISCALIDOMAIN-REG213.205.40.169 (- Italy)
2016-08-25 08:22Distribution SiteLocky
202.210.189.111
n/a
2016-08-25 08:22Distribution SiteLocky
www.comunedipratiglione.it
TISCALIDOMAIN-REG213.205.40.169 (- Italy)
2016-08-25 08:22Distribution SiteLocky
download.apf.asso.fr
EDICIEL84.14.105.194 (- France)
2016-08-25 08:21Distribution SiteLocky
www.gadtrento.it
TISCALIDOMAIN-REG89.46.104.14 (- Italy)
2016-08-25 08:21Distribution SiteLocky
kikital.web.fc2.com
INSTRA CORPORATION PTY, LTD.208.71.106.48 (- United States)
2016-08-25 08:21Distribution SiteLocky
tisystems.cz
REG-ZONER77.48.30.93 (- Czech Republic)
2016-08-25 08:21Distribution SiteLocky
ihvr.org
Network Solutions, LLC208.123.213.160 (- Canada)
2016-08-25 08:20Distribution SiteLocky
spir.50webs.com
GODADDY.COM, LLC162.210.101.101 (- United States)
2016-08-25 08:20Distribution SiteLocky
www.cardellaservices.com
ASCIO TECHNOLOGIES, INC. DANMARK[...]213.205.40.169 (- Italy)
2016-08-25 08:20Distribution SiteLocky
www.stefanopennacchiottigioielleria.com
ASCIO TECHNOLOGIES, INC. DANMARK[...]213.205.40.169 (- Italy)
2016-08-25 08:20Distribution SiteLocky
cbactive.com
GODADDY.COM, LLC23.229.171.33 (- United States)
2016-08-25 08:20Distribution SiteLocky
www.Logopaedie-Tisch.homepage.t-online.de
80.150.6.138 (- Germany)
2016-08-25 08:19Distribution SiteLocky
www.rettificabellani.com
ASCIO TECHNOLOGIES, INC. DANMARK[...]213.205.38.22 (- Italy)
2016-08-25 08:19Distribution SiteLocky
www.arrotin.net
TUCOWS DOMAINS INC.195.238.0.64 (- Belgium)
2016-08-25 08:19Distribution SiteLocky
217.172.226.2
n/a
2016-08-25 08:19Distribution SiteLocky
eb3jt.ure.es
212.34.136.23 (- Spain)
2016-08-25 08:19Distribution SiteLocky
www.profa.cba.pl
Abc Hosting Ltd.95.211.144.65 (- Netherlands)

# of rows displayed: 100
# of entries in database: 12'829

Page 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 >