Tracker

Ransomware Tracker to distinguishes between the following threats:

Each entry in Ransomware Tracker is tagged to a threat and a malware. Currently, the following Ransomware families are tracked:

New submissions for Ransomware Tracker are warmly welcome. You can send new additions to rt-RintANel@abuse.ch (remove all letters in uppercase). Malware binaries that you suspect to be associated with a certain Ransomware family can be send to rt-malwSOareM@abuse.ch (remove all letters in uppercase) for analysis.

Search

You can search for a host or URL using the following search form:

Set a filter for the list below

Below is a list of Ransomware botnet C&C servers tracked by Ransomware Tracker. You have the possibility to filter the list below using certain pre-defined filters shown below.

General filters: Remove filter (Show all) | Online hosts
Filter by threat: Botnet C&Cs | Payment Sites | Distribution Sites
Filter by malware: TeslaCrypt | CryptoWall | TorrentLocker | PadCrypt | Locky | CTB-Locker | FAKBEN | PayCrypt | DMALocker | Cerber | Sage | GlobeImposter

Dateadded (UTC)ThreatMalwareHost (?Domain name or IP address used by the Ransomware. The leading dots (Red, Green, Grey) indicate whether the Host is active or not.

Red = Online
Green = Offline
Grey = Unknown
)
Domain Registrar (?In some cases Ransomware Tracker is not able to determine the sponsoring Registrar of a domain name. Thats either because the Registry does not reveal this information in the whois or because the Registry doesn't offer a whois service.)IP address (ASN, Country)
2016-04-01 21:14Botnet C&CLocky
45.55.192.133
45.55.192.133 (- United States)
2016-04-01 19:49Botnet C&CTeslaCrypt
hotcasinogames.org
GoDaddy.com, LLC217.70.180.150 (- France)
2016-04-01 17:39Botnet C&CLocky
91.209.77.86
91.209.77.86 (- Czech Republic)
2016-04-01 15:06Distribution SiteLocky
docmate.com
ENOM, INC.52.38.216.226 (- United States)
2016-04-01 15:05Distribution SiteLocky
anmchosp.com
GODADDY.COM, LLC108.179.230.38 (- United States)
2016-04-01 13:28Distribution SiteLocky
zagool.nl
OVH (n/a)
2016-04-01 13:28Distribution SiteLocky
avanteconsultores.com
NETEARTH ONE INC. D/B/A NETEARTH82.165.195.128 (- Germany)
2016-04-01 05:56Distribution SiteLocky
a-ntsuhan.com
ENOM, INC. (n/a)
2016-04-01 05:56Distribution SiteLocky
vtdrive.kz
HOSTER.KZ (n/a)
2016-04-01 05:56Distribution SiteLocky
storepro.ir
(n/a)
2016-04-01 05:56Distribution SiteLocky
zwei.audio
1&1 Internet SE217.160.0.111 (- Germany)
2016-04-01 05:56Distribution SiteLocky
anttela.com
PDR LTD. D/B/A PUBLICDOMAINREGIS[...]202.75.56.132 (- Malaysia)
2016-03-31 23:21Botnet C&CLocky
88.198.119.177
88.198.119.177 (- Germany)
2016-03-31 20:53Botnet C&CTeslaCrypt
mahmutersan.com.tr
160.153.18.235 (- United States)
2016-03-31 20:53Botnet C&CTeslaCrypt
kknk-shop.dev.onnetdigital.com
ENOM, INC.176.9.2.244 (- Germany)
2016-03-31 20:53Botnet C&CTeslaCrypt
forms.net.in
GoDaddy.com, LLC (R101-AFIN)160.153.51.192 (- United States)
2016-03-31 20:26Botnet C&CLocky
sqrgvbgfyya.org
Dynadot, LLC69.195.129.70 (- United States)
2016-03-31 20:26Botnet C&CLocky
barjhxoye.info
101domain, Inc195.22.28.197 (- Portugal)
2016-03-31 20:06Botnet C&CLocky
81.177.181.164
81.177.181.164 (- Russian Federation)
2016-03-31 17:53Distribution SiteLocky
greenellebox.com
OVH217.160.0.33 (- Germany)
2016-03-31 17:52Distribution SiteLocky
www.aluguerdiadema.com
NETWORK SOLUTIONS, LLC.185.2.4.74 (- Italy)
2016-03-31 17:52Distribution SiteLocky
icurlers.com
GODADDY.COM, LLC138.201.79.116 (- Germany)
2016-03-31 17:52Distribution SiteLocky
shopyb.com
DOMAINCLUB.COM LLC138.68.70.178 (- Germany)
2016-03-31 17:51Distribution SiteLocky
mentalmathcompetition.com
PDR LTD. D/B/A PUBLICDOMAINREGIS[...]173.239.23.228 (- United States)
2016-03-31 17:51Distribution SiteLocky
hollandfoodexchange.com
KEY-SYSTEMS GMBH78.46.245.40 (- Germany)
2016-03-31 17:49Distribution SiteLocky
mylookalikedoll.com
GODADDY.COM, LLC5.100.152.180 (- Virgin Islands)
2016-03-31 17:48Distribution SiteLocky
be-stlines-tore.com
ENOM, INC. (n/a)
2016-03-31 17:48Distribution SiteLocky
aaacollectionsjewelry.com
ENOM, INC. (n/a)
2016-03-31 17:45Distribution SiteLocky
internetsimplificada.com.br
(n/a)
2016-03-31 17:44Distribution SiteLocky
easyvisa.com
GODADDY.COM, LLC (n/a)
2016-03-31 17:44Distribution SiteLocky
easyvisa.com
GODADDY.COM, LLC (n/a)
2016-03-31 17:20Distribution SiteLocky
beimeihuifu.com
FASTDOMAIN, INC. (n/a)
2016-03-31 16:56Payment SiteTeslaCrypt
i5ndw.titlecorta.at
(n/a)
2016-03-31 16:53Payment SiteTeslaCrypt
d34fa.lasmeio.com
KEY-SYSTEMS GMBH216.218.135.114 (- United States)
2016-03-31 16:11Botnet C&CTeslaCrypt
casasembargada.com
GODADDY.COM, LLC23.229.166.194 (- United States)
2016-03-31 15:57Distribution SiteLocky
santekhnicheskie-raboti.ru
REGRU-RU (n/a)
2016-03-31 15:56Distribution SiteLocky
smartbs-cameroun.com
NAMEWEB BVBA (n/a)
2016-03-31 15:44Distribution SiteLocky
drirenaeris.com.au
Web Address Registration110.232.140.74 (- Australia)
2016-03-31 15:44Distribution SiteLocky
abnreview.com.au
Web Address Registration (n/a)
2016-03-31 15:43Distribution SiteLocky
buketrose.ru
REGRU-RU31.31.196.143 (- Russian Federation)
2016-03-31 15:43Distribution SiteLocky
zakaz-sharikov.ru
REGRU-RU (n/a)
2016-03-31 15:43Distribution SiteLocky
brand-obuv.ru
REGRU-RU (n/a)
2016-03-31 13:59Botnet C&CLocky
dwytqrgblrynsgtew.org
Dynadot, LLC69.195.129.70 (- United States)
2016-03-31 13:37Botnet C&CTeslaCrypt
csskol.org
GoDaddy.com, LLC160.153.51.192 (- United States)
2016-03-31 12:59Payment SiteTorrentLocker
stgg5jv6mqiibmax.torpoint.ch
(n/a)
2016-03-31 12:41Botnet C&CTorrentLocker
bedrifg.org
Registrar of Domain Names REG.RU[...] (n/a)
2016-03-31 12:26Distribution SiteLocky
epegasus.pl
Consulting Service Sp. z o.o.91.200.184.116 (- Poland)
2016-03-31 12:26Distribution SiteLocky
grzegorzschreiber.pl
AZ.pl Sp. z o.o.193.106.238.29 (- Poland)
2016-03-31 10:26Distribution SiteLocky
pure-line.com.pl
Consulting Service Sp. z o.o.193.106.238.29 (- Poland)
2016-03-31 10:26Distribution SiteLocky
new.teamlight.ru
REGRU-RU (n/a)
2016-03-31 08:50Distribution SiteLocky
assura-courtage.org
1 & 1 Internet AG217.160.0.14 (- Germany)
2016-03-31 08:49Distribution SiteLocky
bonares.pl
Consulting Service Sp. z o.o.188.40.44.195 (- Germany)
2016-03-31 08:48Distribution SiteLocky
arcfestoheni.hu
185.43.207.2 (- Hungary)
2016-03-31 08:48Distribution SiteLocky
xn--po-wqa.pl
Consulting Service Sp. z o.o.193.106.238.29 (- Poland)
2016-03-31 08:46Distribution SiteLocky
oceancraftnepal.com
PDR LTD. D/B/A PUBLICDOMAINREGIS[...]192.185.175.94 (- United States)
2016-03-31 07:53Botnet C&CTorrentLocker
velodrivve.biz
PDR LTD. D/B/A PUBLICDOMAINREGIS[...] (n/a)
2016-03-31 06:04Distribution SiteLocky
photronlamp.com
PLANETDOMAIN PTY LTD.23.227.38.32 (- Canada)
2016-03-31 05:29Botnet C&CLocky
31.41.44.130
31.41.44.130 (- Russian Federation)
2016-03-31 05:28Botnet C&CLocky
51.254.240.45
51.254.240.45 (- France)
2016-03-31 05:18Distribution SiteLocky
blog.saletron.net
PDR LTD. D/B/A PUBLICDOMAINREGIS[...]91.215.216.56 (- Bulgaria)
2016-03-31 05:18Distribution SiteLocky
hiddenhandbags.com
CSL COMPUTER SERVICE LANGENBACH [...]217.69.44.35 (- United Kingdom)
2016-03-31 05:17Distribution SiteLocky
lojaagrometal.com.br
209.126.22.187 (- United States)
2016-03-31 05:15Distribution SiteLocky
blog.insite.pt
193.126.240.145 (- Portugal)
2016-03-31 05:14Distribution SiteLocky
dev.orolatina.com
GODADDY.COM, LLC34.238.27.202 (- United States)
2016-03-31 05:14Distribution SiteLocky
itead-europe.com
1 API GMBH (n/a)
2016-03-31 05:14Distribution SiteLocky
zilton.com
ASCIO TECHNOLOGIES, INC. DANMARK[...]206.189.240.157 (- United States)
2016-03-31 05:14Distribution SiteLocky
caferacerpneus.com.br
104.27.170.148 (- United States) +1 A record(s) 104.27.171.148 (AS13335, - United States)
2016-03-30 22:06Botnet C&CLocky
82.146.37.200
82.146.37.200 (- Russian Federation)
2016-03-30 16:34Distribution SiteLocky
kingsstaging.consines.in
ZNet Technologies Private Limite[...] (n/a)
2016-03-30 16:33Distribution SiteLocky
srijanexportstowelwarmers.co.uk
PDR Ltd. d/b/a PublicDomainRegis[...]91.195.240.92 (- Germany)
2016-03-30 15:54Botnet C&CTeslaCrypt
grosirkecantikan.com
ENOM, INC.192.185.51.87 (- United States)
2016-03-30 14:02Botnet C&CLocky
93.170.131.108
93.170.131.108 (- Russian Federation)
2016-03-30 13:29Distribution SiteLocky
fabiocaminero.com
NETEARTH ONE INC. D/B/A NETEARTH (n/a)
2016-03-30 13:29Distribution SiteLocky
cssrd.org.lb
5.172.159.231 (- United Kingdom)
2016-03-30 12:54Botnet C&CTeslaCrypt
naturstein-schubert.de
91.250.80.97 (- Germany)
2016-03-30 11:59Distribution SiteLocky
www.deco-dessert.com
GANDI SAS195.154.38.196 (- France)
2016-03-30 11:58Distribution SiteLocky
aztechnologies.co.uk
Wild West Domains, Inc.192.124.249.18 (- United States)
2016-03-30 11:58Distribution SiteLocky
refindsexy.com
GODADDY.COM, LLC192.80.146.30 (- United States)
2016-03-30 10:00Botnet C&CLocky
83.217.25.239
83.217.25.239 (- Russian Federation)
2016-03-30 09:03Distribution SiteLocky
rtcs.com.my
198.185.159.144 (- United States) +3 A record(s) 198.185.159.145 (AS132111, - United States)
198.49.23.144 (AS53831, - United States)
198.49.23.145 (AS53831, - United States)
2016-03-30 09:02Distribution SiteLocky
arredamentibielle.com
ENOM, INC.79.98.45.56 (- Italy)
2016-03-30 09:02Distribution SiteLocky
www.therapiemontpellier.fr
GANDI (n/a)
2016-03-30 09:02Distribution SiteLocky
divaradyo.com
NICS TELEKOMUNIKASYON TICARET LT[...] (n/a)
2016-03-30 09:01Distribution SiteLocky
alexsolenni.it
PLY-REG178.237.15.128 (- Italy)
2016-03-30 09:01Distribution SiteLocky
chocolatesindustrial.com
ENOM, INC.104.236.195.85 (- United States)
2016-03-30 09:00Distribution SiteLocky
fatihyagci.com
GODADDY.COM, LLC185.172.146.83 (- Netherlands)
2016-03-30 08:59Distribution SiteLocky
www.royalcaribbeanbeddingcollection.com
GODADDY.COM, LLC64.207.185.206 (- United States)
2016-03-30 08:55Distribution SiteLocky
folk.garnet-soft.com
TLD REGISTRAR SOLUTIONS LTD (n/a)
2016-03-30 08:55Distribution SiteLocky
downloadroot.com
GODADDY.COM, LLC199.191.50.178 (- Virgin Islands)
2016-03-30 08:55Distribution SiteLocky
cainabela.com
GODADDY.COM, LLC46.101.10.216 (- United Kingdom)
2016-03-30 08:51Distribution SiteLocky
bikerswear.co.uk
1 & 1 Internet SE138.68.190.122 (- United Kingdom)
2016-03-30 08:51Distribution SiteLocky
princesa-de-ebano.com
OVH (n/a)
2016-03-30 08:50Distribution SiteLocky
azcarpartsuk.com
MESH DIGITAL LIMITED23.227.38.32 (- Canada)
2016-03-30 08:49Distribution SiteLocky
hotpassion.co.uk
eNom, Inc.94.247.100.37 (- United Kingdom)
2016-03-30 07:39Payment SiteLocky
25z5g623wpqpdwis.onion.to
185.100.85.150 (- Romania)
2016-03-30 06:12Distribution SiteLocky
tbde.com.vn
128.199.209.161 (- Singapore)
2016-03-30 06:12Distribution SiteLocky
silvec.com
UNITED-DOMAINS AG23.20.239.12 (- United States)
2016-03-30 06:11Distribution SiteLocky
jeweldiva.com
NETWORK SOLUTIONS, LLC.104.207.242.191 (- United States)
2016-03-30 06:11Distribution SiteLocky
hindleys.com
REGISTER.IT SPA194.12.14.234 (- United Kingdom)
2016-03-30 06:10Distribution SiteLocky
gazoccaz.com
ARSYS INTERNET, S.L. D/B/A NICLI[...]109.234.162.45 (- France)

# of rows displayed: 100
# of entries in database: 13'867

Page 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 >