Tracker

Ransomware Tracker to distinguishes between the following threats:

Each entry in Ransomware Tracker is tagged to a threat and a malware. Currently, the following Ransomware families are tracked:

New submissions for Ransomware Tracker are warmly welcome. You can send new additions to rt-RintANel@abuse.ch (remove all letters in uppercase). Malware binaries that you suspect to be associated with a certain Ransomware family can be send to rt-malwSOareM@abuse.ch (remove all letters in uppercase) for analysis.

Search

You can search for a host or URL using the following search form:

Set a filter for the list below

Below is a list of Ransomware botnet C&C servers tracked by Ransomware Tracker. You have the possibility to filter the list below using certain pre-defined filters shown below.

General filters: Remove filter (Show all) | Online hosts
Filter by threat: Botnet C&Cs | Payment Sites | Distribution Sites
Filter by malware: TeslaCrypt | CryptoWall | TorrentLocker | PadCrypt | Locky | CTB-Locker | FAKBEN | PayCrypt | DMALocker | Cerber | Sage | GlobeImposter

Dateadded (UTC)ThreatMalwareHost (?Domain name or IP address used by the Ransomware. The leading dots (Red, Green, Grey) indicate whether the Host is active or not.

Red = Online
Green = Offline
Grey = Unknown
)
Domain Registrar (?In some cases Ransomware Tracker is not able to determine the sponsoring Registrar of a domain name. Thats either because the Registry does not reveal this information in the whois or because the Registry doesn't offer a whois service.)IP address (ASN, Country)
2016-06-29 10:35Botnet C&CLocky
uvcmlfca.biz
DYNADOT LLC69.195.129.70 (- United States)
2016-06-29 07:47Payment SiteCerber
cerberhhyed5frqa.alri58.win
Eranet International Limited (n/a)
2016-06-29 04:14Payment SiteCerber
cerberhhyed5frqa.m5fgoi.win
Eranet International Limited (n/a)
2016-06-29 03:01Payment SiteCerber
cerberhhyed5frqa.er48rt.win
Eranet International Limited (n/a)
2016-06-28 19:43Payment SiteCerber
cerberhhyed5frqa.asxce4.win
Eranet International Limited (n/a)
2016-06-28 16:29Payment SiteCerber
cerberhhyed5frqa.adevf4.win
Eranet International Limited (n/a)
2016-06-28 15:37Payment SiteCerber
cerberhhyed5frqa.li4loi.win
Eranet International Limited (n/a)
2016-06-28 12:54Botnet C&CLocky
pnyviolg.eu
eNom, Inc208.100.26.234 (- United States)
2016-06-28 12:08Payment SiteCerber
cerberhhyed5frqa.ti4wic.win
Eranet International Limited (n/a)
2016-06-28 10:55Payment SiteCerber
cerberhhyed5frqa.moneu5.win
Eranet International Limited (n/a)
2016-06-28 06:50Payment SiteCerber
cerberhhyed5frqa.oneswi.win
Eranet International Limited (n/a)
2016-06-28 03:13Payment SiteCerber
cerberhhyed5frqa.to6maq.win
Eranet International Limited (n/a)
2016-06-28 02:07Payment SiteCerber
cerberhhyed5frqa.fkr84i.win
Eranet International Limited (n/a)
2016-06-28 01:26Payment SiteCerber
cerberhhyed5frqa.as13fd.win
Eranet International Limited (n/a)
2016-06-28 00:52Payment SiteCerber
cerberhhyed5frqa.raress.win
Eranet International Limited (n/a)
2016-06-27 23:17Payment SiteCerber
cerberhhyed5frqa.mix3hi.win
Eranet International Limited (n/a)
2016-06-27 22:12Payment SiteCerber
cerberhhyed5frqa.we34re.win
Eranet International Limited (n/a)
2016-06-27 21:10Botnet C&CLocky
uetwvrlnee.fr
1API GmbH208.100.26.234 (- United States)
2016-06-27 20:05Payment SiteCerber
cerberhhyed5frqa.dk59jg.win
Eranet International Limited (n/a)
2016-06-27 17:51Payment SiteCerber
cerberhhyed5frqa.xltnet.win
Eranet International Limited (n/a)
2016-06-27 16:31Payment SiteCerber
cerberhhyed5frqa.workju.win
Eranet International Limited (n/a)
2016-06-27 16:30Payment SiteCerber
cerberhhyed5frqa.gkfit9.top
Eranet International Limited (n/a)
2016-06-27 15:01Payment SiteCerber
cerberhhyed5frqa.dkrti5.top
Eranet International Limited (n/a)
2016-06-27 14:14Payment SiteCerber
cerberhhyed5frqa.qor499.top
Eranet International Limited (n/a)
2016-06-27 13:15Payment SiteCerber
cerberhhyed5frqa.wet4io.win
Eranet International Limited (n/a)
2016-06-27 12:43Payment SiteCerber
cerberhhyed5frqa.cneo59.top
Eranet International Limited (n/a)
2016-06-26 09:07Payment SiteCerber
cerberhhyed5frqa.xmfir0.top
Eranet International Limited (n/a)
2016-06-25 23:36Payment SiteCerber
cerberhhyed5frqa.305iot.top
Eranet International Limited (n/a)
2016-06-25 00:05Payment SiteCerber
cerberhhyed5frqa.xmfkr8.top
Eranet International Limited (n/a)
2016-06-24 19:58Botnet C&CCryptoWall
businessaviators.com
TUCOWS DOMAINS INC.209.193.73.67 (- United States)
2016-06-24 15:50Payment SiteCerber
cerberhhyed5frqa.xmfjr7.top
Eranet International Limited (n/a)
2016-06-24 11:41Payment SiteCerber
cerberhhyed5frqa.gkfit9.win
Eranet International Limited (n/a)
2016-06-24 07:51Payment SiteTorrentLocker
mz7oyb3v32vshcvk.torapples.li
(n/a)
2016-06-24 00:36Payment SiteCerber
cerberhhyed5frqa.305iot.win
Eranet International Limited (n/a)
2016-06-23 06:48Botnet C&CLocky
91.219.29.41
91.219.29.41 (- Ukraine)
2016-06-22 13:23Payment SiteCerber
cerberhhyed5frqa.xmfir0.win
Eranet International Limited (n/a)
2016-06-22 12:37Payment SiteTorrentLocker
mz7oyb3v32vshcvk.torlongor.li
(n/a)
2016-06-22 12:24Distribution SiteTorrentLocker
magnitel.net
DINAHOSTING SL82.98.139.147 (- Spain)
2016-06-22 06:00Payment SiteCerber
cerberhhyed5frqa.vmfu48.win
Eranet International Limited (n/a)
2016-06-21 12:22Payment SiteCerber
cerberhhyed5frqa.xmfhr6.win
Eranet International Limited (n/a)
2016-06-21 04:34Payment SiteCerber
cerberhhyed5frqa.azlto5.win
Eranet International Limited (n/a)
2016-06-21 02:42Botnet C&CLocky
aarnknthc.xyz
Namecheap208.100.26.234 (- United States)
2016-06-21 02:41Botnet C&CLocky
kjkwjqvqrjocpi.xyz
Namecheapn/a
2016-06-21 02:41Botnet C&CLocky
185.141.25.108
185.141.25.108 (- Romania)
2016-06-19 10:51Botnet C&CLocky
fhvjsmtkirihxh.xyz
Namecheap208.100.26.234 (- United States)
2016-06-19 05:09Botnet C&CLocky
ltpwqva.xyz
Namecheap208.100.26.234 (- United States)
2016-06-16 14:58Distribution SiteLocky
vinabuhmwoo.com
ONLINENIC, INC. (n/a)
2016-06-15 14:03Payment SiteTorrentLocker
de2nuvwegoo32oqv.tormilki.li
(n/a)
2016-06-15 09:00Payment SiteTorrentLocker
stgg5jv6mqiibmax.toranimals.li
(n/a)
2016-06-15 06:34Payment SiteTorrentLocker
de2nuvwegoo32oqv.torminimals.li
(n/a)
2016-06-09 08:31Payment SiteTorrentLocker
de2nuvwegoo32oqv.tortodorf.li
(n/a)
2016-06-08 07:23Payment SiteTorrentLocker
stgg5jv6mqiibmax.torclasses.li
(n/a)
2016-06-08 07:09Payment SiteTorrentLocker
de2nuvwegoo32oqv.tordrims.li
(n/a)
2016-06-06 08:41Distribution SiteLocky
bogialai.com
P.A. VIET NAM COMPANY LIMITED (n/a)
2016-06-06 06:48Botnet C&CLocky
bddadevlpkwrrmud.xyz
Namecheap208.100.26.234 (- United States)
2016-06-05 08:53Botnet C&CDMALocker
www.actioncompass.online
Namecheap5.8.63.31 (- United States)
2016-06-04 10:10Payment SiteTorrentLocker
de2nuvwegoo32oqv.torfigth.li
(n/a)
2016-06-02 23:32Botnet C&CLocky
82.196.6.154
82.196.6.154 (- Netherlands)
2016-06-02 23:32Botnet C&CLocky
51.255.107.20
51.255.107.20 (- France)
2016-06-01 14:28Distribution SiteLocky
auburnac.org
Wild West Domains, LLC199.34.228.59 (- United States)
2016-06-01 14:28Distribution SiteLocky
davidcandy.website.pl
Consulting Service Sp. z o.o.195.114.1.126 (- Poland)
2016-06-01 14:28Distribution SiteLocky
nitalholdings.com
GODADDY.COM, LLC192.186.196.34 (- United States)
2016-06-01 14:28Distribution SiteLocky
f7space.zg5.ru
REGTIME-RU91.223.216.57 (- Ukraine)
2016-06-01 14:28Distribution SiteLocky
nuzzledot.com
GODADDY.COM, LLC23.229.147.2 (- United States)
2016-06-01 14:28Distribution SiteLocky
tipsforall.in
GoDaddy.com, LLC (R101-AFIN) (n/a)
2016-06-01 14:28Distribution SiteLocky
hanzzflorist.com
GODADDY.COM, LLC (n/a)
2016-06-01 14:28Distribution SiteLocky
shivshanti.in
GoDaddy.com, LLC (R101-AFIN)139.59.18.209 (- India)
2016-06-01 14:28Distribution SiteLocky
iidfc.com
GKG.NET, INC.173.212.240.186 (- Germany)
2016-06-01 14:28Distribution SiteLocky
buscahoy.com
GODADDY.COM, LLC192.186.245.194 (- United States)
2016-06-01 14:28Distribution SiteLocky
216.104.183.199
n/a
2016-06-01 14:28Distribution SiteLocky
discountghd.org
GoDaddy.com, LLC (n/a)
2016-06-01 10:02Payment SiteCerber
cerberhhyed5frqa.m5gips.win
Eranet International Limited (n/a)
2016-06-01 08:05Payment SiteTorrentLocker
stgg5jv6mqiibmax.torking.li
(n/a)
2016-06-01 08:02Payment SiteTorrentLocker
stgg5jv6mqiibmax.torbrouke.li
(n/a)
2016-06-01 07:12Distribution SiteLocky
arhlit.ru
RU-CENTER-RU195.208.1.107 (- Russian Federation)
2016-06-01 07:11Distribution SiteLocky
amande-concerts.de
(n/a)
2016-06-01 07:11Distribution SiteLocky
lizdion.net
GODADDY.COM, LLC185.53.179.8 (- Germany)
2016-06-01 06:25Distribution SiteLocky
bestcanadiandecks.ca
Go Daddy Domains Canada, Inc (n/a)
2016-05-31 20:04Botnet C&CLocky
93.170.123.60
93.170.123.60 (- Czech Republic)
2016-05-31 20:04Botnet C&CLocky
195.154.69.90
195.154.69.90 (- France)
2016-05-30 15:53Botnet C&CLocky
193.9.28.13
193.9.28.13 (- United States)
2016-05-28 12:22Distribution SiteLocky
www.studiopanella.it
TISCALIDOMAIN-REG213.205.38.36 (- Italy)
2016-05-28 12:22Distribution SiteLocky
www.pececitos.com
ARSYS INTERNET, S.L. D/B/A NICLI[...]89.248.106.23 (- Spain)
2016-05-28 12:21Distribution SiteLocky
www.johnlodgearchitects.com
GODADDY.COM, LLC207.154.33.12 (- United States)
2016-05-28 12:21Distribution SiteLocky
www.johnlodgearchitects.com
GODADDY.COM, LLC207.154.33.12 (- United States)
2016-05-28 10:53Payment SiteTorrentLocker
stgg5jv6mqiibmax.torshop.li
(n/a)
2016-05-28 10:32Distribution SiteLocky
christian-view.com
TUCOWS DOMAINS INC. (n/a)
2016-05-28 10:32Distribution SiteLocky
www.pececitos.com
ARSYS INTERNET, S.L. D/B/A NICLI[...]89.248.106.23 (- Spain)
2016-05-28 10:32Distribution SiteLocky
www.noghrehpol.ir
(n/a)
2016-05-28 10:32Distribution SiteLocky
mtldesigns.ca
Go Daddy Domains Canada, Inc (n/a)
2016-05-28 10:32Distribution SiteLocky
www.abbigliamentotorino.com
NETWORK SOLUTIONS, LLC. (n/a)
2016-05-28 10:31Distribution SiteLocky
calcoastlogistics.com
GODADDY.COM, LLC50.63.202.40 (- United States)
2016-05-28 10:31Distribution SiteLocky
gatorusa.com
GODADDY.COM, LLC162.247.76.125 (- United States)
2016-05-28 00:31Botnet C&CLocky
5.152.199.70
5.152.199.70 (- United Kingdom)
2016-05-27 12:39Distribution SiteLocky
gc-hubbelrath.server1.hostingforyou.de
(n/a)
2016-05-27 12:37Distribution SiteLocky
98.131.20.17
(n/a)
2016-05-27 11:02Distribution SiteLocky
egadget.ru
RU-CENTER-RU (n/a)
2016-05-27 11:02Distribution SiteLocky
cobrebactericida.org
Network Solutions, LLC (n/a)
2016-05-27 11:01Distribution SiteLocky
www.samrhamburg.com
MELBOURNE IT, LTD. D/B/A INTERNE[...] (n/a)
2016-05-27 11:01Distribution SiteLocky
wondervalley.in
Rediff.com India Limited (R37-AF[...]166.62.10.183 (- United States)

# of rows displayed: 100
# of entries in database: 13'867

Page 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 >