Tracker

Ransomware Tracker to distinguishes between the following threats:

Each entry in Ransomware Tracker is tagged to a threat and a malware. Currently, the following Ransomware families are tracked:

New submissions for Ransomware Tracker are warmly welcome. You can send new additions to rt-RintANel@abuse.ch (remove all letters in uppercase). Malware binaries that you suspect to be associated with a certain Ransomware family can be send to rt-malwSOareM@abuse.ch (remove all letters in uppercase) for analysis.

Search

You can search for a host or URL using the following search form:

Set a filter for the list below

Below is a list of Ransomware botnet C&C servers tracked by Ransomware Tracker. You have the possibility to filter the list below using certain pre-defined filters shown below.

General filters: Remove filter (Show all) | Online hosts
Filter by threat: Botnet C&Cs | Payment Sites | Distribution Sites
Filter by malware: TeslaCrypt | CryptoWall | TorrentLocker | PadCrypt | Locky | CTB-Locker | FAKBEN | PayCrypt | DMALocker | Cerber | Sage | GlobeImposter

Dateadded (UTC)ThreatMalwareHost (?Domain name or IP address used by the Ransomware. The leading dots (Red, Green, Grey) indicate whether the Host is active or not.

Red = Online
Green = Offline
Grey = Unknown
)
Domain Registrar (?In some cases Ransomware Tracker is not able to determine the sponsoring Registrar of a domain name. Thats either because the Registry does not reveal this information in the whois or because the Registry doesn't offer a whois service.)IP address (ASN, Country)
2016-05-05 13:45Botnet C&CLocky
fdehgchykmiqwdg.info
Dynadot, LLC69.195.129.70 (- United States)
2016-05-05 13:45Botnet C&CLocky
91.219.29.66
91.219.29.66 (- Ukraine)
2016-05-05 13:45Botnet C&CLocky
185.22.67.108
185.22.67.108 (- Kazakhstan)
2016-05-05 08:31Botnet C&CLocky
91.226.93.124
91.226.93.124 (- Russian Federation)
2016-05-05 07:24Distribution SiteLocky
fashionmekka.com
KEY-SYSTEMS GMBH23.20.239.12 (- United States)
2016-05-05 06:54Distribution SiteLocky
sourcechemindia.com
WILD WEST DOMAINS, LLC67.227.226.240 (- United States)
2016-05-05 06:54Distribution SiteLocky
testovaciadomena.sk
93.184.77.198 (- Slovakia)
2016-05-05 06:53Distribution SiteLocky
stadiumwebshop.com
TLD REGISTRAR SOLUTIONS LTD94.177.168.91 (- Italy)
2016-05-05 06:53Distribution SiteLocky
web.smadwiwarna.net
PDR LTD. D/B/A PUBLICDOMAINREGIS[...]23.250.112.155 (- United States)
2016-05-05 06:53Distribution SiteLocky
jambe.in
GoDaddy.com, LLC (R101-AFIN)216.239.32.21 (- United States) +3 A record(s) 216.239.34.21 (AS15169, - United States)
216.239.36.21 (AS15169, - United States)
216.239.38.21 (AS15169, - United States)
2016-05-05 06:52Distribution SiteLocky
cwsnet.com.au
Web Address Registration216.224.174.137 (- United States)
2016-05-05 06:52Botnet C&CLocky
91.234.33.215
91.234.33.215 (- Ukraine)
2016-05-05 05:51Payment SiteTeslaCrypt
h54dc.leverdaze.at
(n/a)
2016-05-04 22:34Botnet C&CPayCrypt
dnibsan.com
ENOM, INC.67.225.220.95 (- United States)
2016-05-04 18:30Botnet C&CLocky
138.201.95.72
138.201.95.72 (- Germany)
2016-05-04 16:15Botnet C&CTeslaCrypt
random-shots.com
GODADDY.COM, LLC192.185.5.148 (- United States)
2016-05-04 07:41Botnet C&CLocky
31.184.197.126
31.184.197.126 (- Russian Federation)
2016-05-03 15:34Botnet C&CLocky
91.226.93.113
91.226.93.113 (- Russian Federation)
2016-05-03 15:33Botnet C&CLocky
91.219.29.64
91.219.29.64 (- Ukraine)
2016-05-03 13:49Distribution SiteLocky
badu.sk
88.86.121.17 (- Czech Republic)
2016-05-03 13:28Distribution SiteLocky
niagara.vn.ua
ua.ukraine31.131.16.135 (- Ukraine)
2016-05-02 19:59Botnet C&CTeslaCrypt
www.maniffatoretraiteur.com
GANDI SAS217.70.180.151 (- France)
2016-05-02 06:06Payment SiteTeslaCrypt
k234s.ascotsprue.com
KEY-SYSTEMS GMBH184.105.192.2 (- United States)
2016-05-02 06:05Payment SiteTeslaCrypt
l123d.feustude.at
(n/a)
2016-05-02 06:05Payment SiteTeslaCrypt
u24er.ovaarmor.com
KEY-SYSTEMS GMBH184.105.192.2 (- United States)
2016-05-02 02:48Botnet C&CLocky
ycvcjbhgkmsiyhdd.info
Regtime Ltd.91.230.211.26 (- Russian Federation)
2016-05-01 23:05Botnet C&CTeslaCrypt
site7.aiglecom.com
GANDI SAS217.70.180.151 (- France)
2016-05-01 19:25Botnet C&CLocky
rrcspgfghsjnklts.pw
Namecheap208.100.26.234 (- United States)
2016-05-01 15:39Botnet C&CLocky
abvtqhwodwjmi.work
Regtime91.230.211.26 (- Russian Federation)
2016-05-01 08:38Payment SiteTorrentLocker
stgg5jv6mqiibmax.toradmin.li
(n/a)
2016-05-01 08:34Payment SiteTorrentLocker
stgg5jv6mqiibmax.torclever.li
(n/a)
2016-04-29 19:56Botnet C&CLocky
cwprfpjtmjb.biz
DYNADOT LLC69.195.129.70 (- United States)
2016-04-29 17:21Botnet C&CLocky
83.217.8.155
83.217.8.155 (- Russian Federation)
2016-04-29 14:44Distribution SiteLocky
listelo.com.br
(n/a)
2016-04-29 12:39Botnet C&CLocky
89.108.84.155
89.108.84.155 (- Russian Federation)
2016-04-29 12:31Distribution SiteLocky
dveri-ivanovo.ru
R01-RU (n/a)
2016-04-29 10:59Distribution SiteLocky
avcilarinpazari.com
PDR LTD. D/B/A PUBLICDOMAINREGIS[...]209.99.40.223 (- United States)
2016-04-29 10:59Distribution SiteLocky
zona-sezona.com.ua
ua.adresa91.223.223.159 (- Ukraine)
2016-04-29 10:59Distribution SiteLocky
amatic.in
GoDaddy.com, LLC (R101-AFIN)103.247.96.21 (- India)
2016-04-29 10:59Distribution SiteLocky
cafeaparis.eu
DonDominio.com / Soluciones Corp[...] (n/a)
2016-04-29 08:50Distribution SiteLocky
64.207.144.148
(n/a)
2016-04-29 08:50Distribution SiteLocky
easytravelvault.com
CRAZY DOMAINS FZ-LLC101.0.117.102 (- Australia)
2016-04-29 08:49Distribution SiteLocky
kizilirmakdeltasi.net
FBS INC.5.250.244.186 (- Turkey)
2016-04-29 08:49Distribution SiteLocky
emcartaz.net.br
177.11.48.108 (- Brazil)
2016-04-29 04:28Botnet C&CTeslaCrypt
gmtuae.com
PDR LTD. D/B/A PUBLICDOMAINREGIS[...] (n/a)
2016-04-28 20:51Botnet C&CTeslaCrypt
faenzabike.makkie.com
DNC HOLDINGS, INC.213.26.174.81 (- Italy)
2016-04-28 18:00Botnet C&CLocky
51.254.240.60
51.254.240.60 (- France)
2016-04-28 16:51Botnet C&CLocky
axnemuevqnstqyflb.work
Regtime31.148.99.188 (- Russian Federation)
2016-04-28 15:10Botnet C&CLocky
83.217.26.168
83.217.26.168 (- Russian Federation)
2016-04-28 13:12Botnet C&CLocky
31.41.44.246
31.41.44.246 (- Russian Federation)
2016-04-28 12:38Botnet C&CTeslaCrypt
bestinghana.com
GODADDY.COM, LLC (n/a)
2016-04-28 12:03Distribution SiteLocky
minisupergame.ru
REGRU-RU (n/a)
2016-04-28 12:03Distribution SiteLocky
cafe-vintage68.ru
R01-RU (n/a)
2016-04-28 12:03Distribution SiteLocky
switchright.com
123-REG LIMITED (n/a)
2016-04-28 12:02Distribution SiteLocky
3dphoto-rotate.ru
AGAVA-RU (n/a)
2016-04-28 12:02Distribution SiteLocky
banketcentr.ru
R01-RU (n/a)
2016-04-28 12:01Distribution SiteLocky
tribalsnedkeren.dk
93.90.146.102 (- Sweden)
2016-04-28 12:01Distribution SiteLocky
rabitaforex.com
GODADDY.COM, LLC (n/a)
2016-04-28 06:10Botnet C&CTeslaCrypt
coolcases.info
Wild West Domains, LLC72.167.232.144 (- United States)
2016-04-28 05:00Botnet C&CLocky
htankds.info
Regtime Ltd.91.219.31.18 (- Russian Federation)
2016-04-27 20:19Botnet C&CLocky
107.170.20.33
107.170.20.33 (- United States)
2016-04-27 16:51Botnet C&CTeslaCrypt
runescape-autominer.info
eNom, Inc.192.185.46.61 (- United States)
2016-04-27 15:42Botnet C&CTeslaCrypt
www.teacherassist.info
NameWeb BVBA94.124.120.61 (- Netherlands)
2016-04-27 15:14Botnet C&CLocky
146.185.155.126
146.185.155.126 (- Netherlands)
2016-04-27 12:48Distribution SiteLocky
warcraft-lich-king.ru
REGRU-RU87.236.19.13 (- Russian Federation)
2016-04-27 12:48Distribution SiteLocky
soccerinsider.net
TLD REGISTRAR SOLUTIONS LTD (n/a)
2016-04-27 12:47Distribution SiteLocky
pediatriayvacunas.com
DOMAIN.COM, LLC209.99.64.53 (- United States)
2016-04-27 12:47Distribution SiteLocky
onlinecrockpotrecipes.com
GODADDY.COM, LLC (n/a)
2016-04-27 12:46Distribution SiteLocky
lbbc.pt
130.185.84.57 (- Portugal)
2016-04-27 12:46Distribution SiteLocky
jurang.tk
Freedom Registry, Inc. (n/a)
2016-04-27 12:46Distribution SiteLocky
directenergy.tv
NAME.COM, INC. (n/a)
2016-04-27 12:45Distribution SiteLocky
adamauto.nl
TransIP BV5.61.253.117 (- Netherlands)
2016-04-27 12:44Distribution SiteLocky
aaacollectionsjewelry.com
ENOM, INC. (n/a)
2016-04-27 10:13Botnet C&CPayCrypt
parasolesdecolombia.com
PDR LTD. D/B/A PUBLICDOMAINREGIS[...]198.1.80.79 (- United States)
2016-04-26 18:06Botnet C&CTeslaCrypt
kortingcodes.be
AXC108.167.181.253 (- United States)
2016-04-26 06:08Botnet C&CTeslaCrypt
custommerchandisingservices.com
TUCOWS DOMAINS INC.45.79.161.27 (- United States)
2016-04-23 21:18Botnet C&CTeslaCrypt
bonjourtablier.com
1&1 INTERNET SE212.227.247.229 (- Germany)
2016-04-23 01:18Botnet C&CTeslaCrypt
blackroom.club
OnlineNIC, Inc. d/b/a China-chan[...]81.177.135.232 (- Russian Federation)
2016-04-21 22:35Botnet C&CTeslaCrypt
blessingshealthuk.com
GODADDY.COM, LLC (n/a)
2016-04-21 22:35Botnet C&CTeslaCrypt
artsabc.com
NAME.COM, INC. (n/a)
2016-04-21 15:47Distribution SiteTeslaCrypt
yomanarmycc.asia
PDR Ltd. d/b/a PublicDomainRegis[...]n/a
2016-04-21 06:04Distribution SiteLocky
gogocalldrivers.com
PDR LTD. D/B/A PUBLICDOMAINREGIS[...]209.99.40.222 (- United States)
2016-04-20 20:24Botnet C&CTeslaCrypt
anybug.net
OVH78.217.205.113 (- France)
2016-04-20 16:12Distribution SiteLocky
hstfood.com
REALTIME REGISTER BV176.9.121.221 (- Germany)
2016-04-20 16:12Distribution SiteLocky
crackersinchennai.com
PDR LTD. D/B/A PUBLICDOMAINREGIS[...]209.99.40.223 (- United States)
2016-04-20 16:12Distribution SiteLocky
pinakfoods.com
GODADDY.COM, LLC160.153.35.5 (- United States)
2016-04-20 13:04Distribution SiteLocky
vegaindia.com
PDR LTD. D/B/A PUBLICDOMAINREGIS[...]103.21.59.168 (- India)
2016-04-20 13:03Distribution SiteLocky
sapionusa.com
LAUNCHPAD.COM, INC.208.91.197.13 (- Virgin Islands)
2016-04-20 07:23Payment SiteTeslaCrypt
wor4d.slewirk.at
(n/a)
2016-04-20 07:14Payment SiteTeslaCrypt
kbv5s.kylepasse.at
(n/a)
2016-04-20 07:10Payment SiteTeslaCrypt
k47d3.proporr.com
KEY-SYSTEMS GMBH184.105.192.2 (- United States)
2016-04-20 06:42Botnet C&CTeslaCrypt
alushtadom.com
ONLINENIC, INC.81.177.140.186 (- Russian Federation)
2016-04-20 05:26Distribution SiteTeslaCrypt
thereissomegoodqq.com
KEY-SYSTEMS GMBH (n/a)
2016-04-20 05:25Distribution SiteTeslaCrypt
thereissomegoodqq.com
KEY-SYSTEMS GMBH (n/a)
2016-04-19 15:29Botnet C&CLocky
blxbymhjva.info
Dynadot, LLC69.195.129.70 (- United States)
2016-04-19 07:49Payment SiteTorrentLocker
3qbyaoohkcqkzrz6.torclassik.li
(n/a)
2016-04-19 04:25Botnet C&CLocky
ahsqbeospcdrngfv.info
101domain, Inc195.22.28.198 (- Portugal)
2016-04-19 04:24Botnet C&CLocky
cxlgwofgrjfoaa.info
101domain, Inc195.22.28.197 (- Portugal)
2016-04-18 10:00Botnet C&CLocky
91.234.35.243
91.234.35.243 (- Ukraine)
2016-04-18 05:26Botnet C&CTeslaCrypt
4turka.com
FBS INC. (n/a)

# of rows displayed: 100
# of entries in database: 13'867

Page 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 >