Tracker

Ransomware Tracker to distinguishes between the following threats:

Each entry in Ransomware Tracker is tagged to a threat and a malware. Currently, the following Ransomware families are tracked:

New submissions for Ransomware Tracker are warmly welcome. You can send new additions to rt-RintANel@abuse.ch (remove all letters in uppercase). Malware binaries that you suspect to be associated with a certain Ransomware family can be send to rt-malwSOareM@abuse.ch (remove all letters in uppercase) for analysis.

Search

You can search for a host or URL using the following search form:

Set a filter for the list below

Below is a list of Ransomware botnet C&C servers tracked by Ransomware Tracker. You have the possibility to filter the list below using certain pre-defined filters shown below.

General filters: Remove filter (Show all) | Online hosts
Filter by threat: Botnet C&Cs | Payment Sites | Distribution Sites
Filter by malware: TeslaCrypt | CryptoWall | TorrentLocker | PadCrypt | Locky | CTB-Locker | FAKBEN | PayCrypt | DMALocker | Cerber | Sage | GlobeImposter

Dateadded (UTC)ThreatMalwareHost (?Domain name or IP address used by the Ransomware. The leading dots (Red, Green, Grey) indicate whether the Host is active or not.

Red = Online
Green = Offline
Grey = Unknown
)
Domain Registrar (?In some cases Ransomware Tracker is not able to determine the sponsoring Registrar of a domain name. Thats either because the Registry does not reveal this information in the whois or because the Registry doesn't offer a whois service.)IP address (ASN, Country)
2016-07-11 02:13Payment SiteCerber
27lelchgcvs2wpm7.asd3r3.top
Eranet International Limited (n/a)
2016-07-11 01:57Payment SiteCerber
pmenboeqhyrpvomq.xneyvm.top
Eranet International Limited (n/a)
2016-07-11 01:57Payment SiteCerber
52uo5k3t73ypjije.ie7t8k.top
Eranet International Limited (n/a)
2016-07-11 00:57Payment SiteCerber
pmenboeqhyrpvomq.58na23.top
Eranet International Limited (n/a)
2016-07-10 22:05Payment SiteCerber
27lelchgcvs2wpm7.fm0cga.top
Eranet International Limited (n/a)
2016-07-10 21:12Payment SiteCerber
pmenboeqhyrpvomq.self56.top
Eranet International Limited (n/a)
2016-07-10 14:05Payment SiteCerber
4kqd3hmqgptupi3p.adevf4.top
Eranet International Limited (n/a)
2016-07-10 09:31Payment SiteCerber
27lelchgcvs2wpm7.wins4n.win
Eranet International Limited (n/a)
2016-07-10 08:28Payment SiteCerber
27lelchgcvs2wpm7.xkfi59.top
Eranet International Limited (n/a)
2016-07-10 00:06Payment SiteCerber
pmenboeqhyrpvomq.cmri58.top
Eranet International Limited (n/a)
2016-07-09 03:11Payment SiteCerber
4kqd3hmqgptupi3p.wins4n.top
Eranet International Limited (n/a)
2016-07-09 01:55Payment SiteCerber
27lelchgcvs2wpm7.rt4e34.win
Eranet International Limited (n/a)
2016-07-08 13:23Distribution SiteLocky
www.johnsonfashion.com.tw
HINET18.182.79.158 (- United States) +1 A record(s) 52.199.156.181 (AS16509, - Japan)
2016-07-08 13:23Distribution SiteLocky
expertsreunis.com
REGISTER.IT SPA81.88.57.68 (- Italy)
2016-07-08 13:23Distribution SiteLocky
advempresarial.com
GODADDY.COM, LLC69.49.115.40 (- Canada)
2016-07-08 12:28Distribution SiteLocky
psiaekipa.com
ENOM, INC.54.36.173.137 (- United States)
2016-07-08 12:00Distribution SiteLocky
sasakisummers.com
GODADDY.COM, LLC64.29.151.221 (- United States)
2016-07-08 11:30Distribution SiteLocky
hero-ny.org
DomainPeople, Inc. (n/a)
2016-07-08 10:52Distribution SiteLocky
satinfuntaboo.com
GODADDY.COM, LLC185.72.157.174 (- United States)
2016-07-08 10:05Distribution SiteLocky
felicecremesini.com
REGISTER.IT SPA195.110.124.133 (- Italy)
2016-07-08 10:04Distribution SiteLocky
themeidea.com
GODADDY.COM, LLC (n/a)
2016-07-08 10:04Distribution SiteLocky
kurumenishimura.com
GMO INTERNET, INC. DBA ONAMAE.CO[...]153.122.16.1 (- Japan)
2016-07-08 10:04Distribution SiteLocky
manutenzionecarrier.com
REGISTER.IT SPA195.110.124.133 (- Italy)
2016-07-08 10:04Distribution SiteLocky
caijiachina.com
REGISTER.IT SPA (n/a)
2016-07-08 10:04Distribution SiteLocky
gebrauchtkauf.at
216.55.105.144 (- Canada)
2016-07-08 10:04Distribution SiteLocky
seferworld.com
NAME.COM, INC.74.220.199.8 (- United States)
2016-07-08 10:04Distribution SiteLocky
drpampe.com
DELUXE SMALL BUSINESS SALES, INC[...]64.29.151.221 (- United States)
2016-07-08 10:04Distribution SiteLocky
fermmedia.com
IHS TELEKOM, INC.94.73.147.68 (- Turkey)
2016-07-08 10:03Distribution SiteLocky
abschlepp-taxi24.at
193.141.3.74 (- Germany)
2016-07-07 22:32Payment SiteCerber
52uo5k3t73ypjije.to6maq.top
Eranet International Limited (n/a)
2016-07-07 22:00Botnet C&CPayCrypt
graund-a.com.ua
ua.ukraine185.68.16.115 (- Ukraine)
2016-07-07 22:00Botnet C&CPayCrypt
graund-a.com.ua
ua.ukraine185.68.16.115 (- Ukraine)
2016-07-07 22:00Payment SiteCerber
52uo5k3t73ypjije.fkgrie.top
Eranet International Limited (n/a)
2016-07-07 15:44Payment SiteCerber
27lelchgcvs2wpm7.adevf4.top
Eranet International Limited (n/a)
2016-07-07 14:05Distribution SiteLocky
academicbooks.co.za
154.0.161.172 (- South Africa)
2016-07-07 14:05Distribution SiteLocky
homahost.com
TUCOWS DOMAINS INC. (n/a)
2016-07-07 13:44Botnet C&CLocky
51.255.172.55
51.255.172.55 (- France)
2016-07-07 13:41Payment SiteCerber
52uo5k3t73ypjije.ti4wic.top
Eranet International Limited (n/a)
2016-07-07 12:18Distribution SiteLocky
takipediliyoruz.com
NICS TELEKOMUNIKASYON TIC LTD. S[...]188.138.57.70 (- Germany)
2016-07-07 12:18Distribution SiteLocky
balanaeguia.com
ARSYS INTERNET, S.L. D/B/A NICLI[...]134.0.9.164 (- Spain)
2016-07-07 12:17Distribution SiteLocky
think5c.com
TUCOWS DOMAINS INC. (n/a)
2016-07-07 11:36Distribution SiteLocky
orgelfestival.org
Register.IT SPA (n/a)
2016-07-07 11:36Distribution SiteLocky
michael-taub.com
LCN.COM LTD. (n/a)
2016-07-07 11:36Distribution SiteLocky
graziellaboutique.com
REGISTER.IT SPA46.28.3.56 (- Italy)
2016-07-07 11:36Distribution SiteLocky
levinltd.com
TUCOWS DOMAINS INC.46.20.146.37 (- Turkey)
2016-07-07 11:36Distribution SiteLocky
canvilada.com
ARSYS INTERNET, S.L. D/B/A NICLI[...]217.76.142.22 (- Spain)
2016-07-07 11:36Distribution SiteLocky
lazercanta.com
GODADDY.COM, LLC (n/a)
2016-07-07 11:23Distribution SiteLocky
gordreid.com
ENOM, INC.64.151.202.242 (- Canada)
2016-07-07 11:23Distribution SiteLocky
something117.com
GMO INTERNET, INC. DBA ONAMAE.CO[...]125.206.125.198 (- Japan)
2016-07-07 11:23Distribution SiteLocky
comingtools.com
REGISTER.IT SPA149.202.230.133 (- France)
2016-07-07 11:23Distribution SiteLocky
eyejoeun.com
GABIA, INC. (n/a)
2016-07-07 11:22Distribution SiteLocky
serranocampos.com
DOMAIN.COM, LLC86.109.162.175 (- Spain)
2016-07-07 11:22Distribution SiteLocky
paulking.it
OMNIBUS-REG80.211.73.234 (- Italy)
2016-07-07 11:22Distribution SiteLocky
jennypestanita.com
REGISTER.IT SPA (n/a)
2016-07-07 11:11Payment SiteLocky
mphtadhci5mrdlju.onion.to
185.100.85.150 (- Romania)
2016-07-07 08:28Payment SiteCerber
52uo5k3t73ypjije.skri59.top
Eranet International Limited (n/a)
2016-07-07 01:41Botnet C&CLocky
sgowntfjwkybawi.pw
Dotserve Inc192.42.116.41 (- Netherlands)
2016-07-06 23:23Botnet C&CLocky
148.163.73.29
148.163.73.29 (- United States)
2016-07-06 19:12Payment SiteTorrentLocker
mz7oyb3v32vshcvk.bidobject.li
(n/a)
2016-07-06 19:03Payment SiteCerber
cerberhhyed5frqa.sdfiso.win
Eranet International Limited (n/a)
2016-07-06 18:00Payment SiteCerber
pmenboeqhyrpvomq.li4loi.top
Eranet International Limited (n/a)
2016-07-06 10:17Payment SiteCerber
cerberhhyed5frqa.we34re.top
Eranet International Limited (n/a)
2016-07-05 14:58Payment SiteCerber
52uo5k3t73ypjije.red4is.top
Eranet International Limited (n/a)
2016-07-05 13:49Botnet C&CLocky
185.106.122.38
185.106.122.38 (- Romania)
2016-07-05 13:45Payment SiteTorrentLocker
mz7oyb3v32vshcvk.getstar.li
(n/a)
2016-07-05 13:06Payment SiteCerber
52uo5k3t73ypjije.495iru.top
Eranet International Limited (n/a)
2016-07-05 12:55Payment SiteCerber
52uo5k3t73ypjije.cmfkru.top
Eranet International Limited (n/a)
2016-07-05 11:48Botnet C&CLocky
xhrnfffaixawpuob.pw
Dotserve Inc192.42.116.41 (- Netherlands)
2016-07-05 11:00Payment SiteCerber
52uo5k3t73ypjije.lib2vi.top
Eranet International Limited (n/a)
2016-07-05 11:00Payment SiteCerber
52uo5k3t73ypjije.m5fgoi.top
Eranet International Limited (n/a)
2016-07-05 10:35Botnet C&CLocky
rbwubtpsyokqn.info
1API GmbH185.129.148.6 (- Latvia)
2016-07-05 10:35Botnet C&CLocky
gccxqpuuylioxoip.pw
Dotserve Inc192.42.116.41 (- Netherlands)
2016-07-05 10:23Payment SiteCerber
52uo5k3t73ypjije.dkriur.top
Eranet International Limited (n/a)
2016-07-05 10:06Payment SiteCerber
cerberhhyed5frqa.cmti5o.win
Eranet International Limited (n/a)
2016-07-04 22:45Payment SiteCerber
cerberhhyed5frqa.45kgok.win
Eranet International Limited (n/a)
2016-07-04 21:44Payment SiteCerber
cerberhhyed5frqa.ad34ft.win
Eranet International Limited (n/a)
2016-07-04 20:58Payment SiteCerber
cerberhhyed5frqa.werti4.win
Eranet International Limited (n/a)
2016-07-04 18:28Payment SiteCerber
cerberhhyed5frqa.m5gid4.top
Eranet International Limited (n/a)
2016-07-04 16:16Distribution SiteLocky
clear-sky.tk
BV Dot TK (n/a)
2016-07-04 06:06Payment SiteCerber
cerberhhyed5frqa.wewiso.win
Eranet International Limited (n/a)
2016-07-04 05:45Payment SiteCerber
cerberhhyed5frqa.lfotp5.top
Eranet International Limited (n/a)
2016-07-03 21:57Payment SiteCerber
cerberhhyed5frqa.sims6n.win
Eranet International Limited (n/a)
2016-07-03 20:05Payment SiteCerber
cerberhhyed5frqa.xtrvb4.win
Eranet International Limited (n/a)
2016-07-03 13:04Payment SiteCerber
cerberhhyed5frqa.cneo59.win
Eranet International Limited (n/a)
2016-07-03 12:20Payment SiteCerber
cerberhhyed5frqa.45gf4t.win
Eranet International Limited (n/a)
2016-07-03 09:31Payment SiteCerber
cerberhhyed5frqa.fgfid6.win
Eranet International Limited (n/a)
2016-07-01 19:01Payment SiteCerber
cerberhhyed5frqa.5kti58.win
Eranet International Limited (n/a)
2016-07-01 17:36Payment SiteCerber
cerberhhyed5frqa.m5gid4.win
Eranet International Limited (n/a)
2016-07-01 13:30Botnet C&CLocky
fnjyygovdjyemga.xyz
Namecheapn/a
2016-07-01 01:33Payment SiteCerber
cerberhhyed5frqa.xmfu59.win
Eranet International Limited (n/a)
2016-06-30 19:00Payment SiteCerber
cerberhhyed5frqa.lib2vi.win
Eranet International Limited (n/a)
2016-06-30 13:26Payment SiteCerber
cerberhhyed5frqa.xo59ok.win
Eranet International Limited (n/a)
2016-06-30 11:13Payment SiteCerber
cerberhhyed5frqa.cmr95i.win
Eranet International Limited (n/a)
2016-06-30 03:56Payment SiteCerber
cerberhhyed5frqa.zgf48j.win
Eranet International Limited (n/a)
2016-06-30 01:52Payment SiteCerber
cerberhhyed5frqa.fkri48.win
Eranet International Limited (n/a)
2016-06-29 23:00Botnet C&CLocky
193.9.28.254
193.9.28.254 (- United States)
2016-06-29 23:00Botnet C&CLocky
185.146.169.16
185.146.169.16 (- Russian Federation)
2016-06-29 20:20Payment SiteCerber
cerberhhyed5frqa.cmr95i.top
Eranet International Limited (n/a)
2016-06-29 17:06Payment SiteCerber
cerberhhyed5frqa.kipfgs65s.com
BIZCN.COM, INC. (n/a)
2016-06-29 10:35Botnet C&CLocky
wjfkoqueatxdmqw.biz
BIZCN.COM, INC.151.236.15.226 (- Germany)

# of rows displayed: 100
# of entries in database: 13'867

Page 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 >