Tracker

Ransomware Tracker to distinguishes between the following threats:

Each entry in Ransomware Tracker is tagged to a threat and a malware. Currently, the following Ransomware families are tracked:

New submissions for Ransomware Tracker are warmly welcome. You can send new additions to rt-RintANel@abuse.ch (remove all letters in uppercase). Malware binaries that you suspect to be associated with a certain Ransomware family can be send to rt-malwSOareM@abuse.ch (remove all letters in uppercase) for analysis.

Search

You can search for a host or URL using the following search form:

Set a filter for the list below

Below is a list of Ransomware botnet C&C servers tracked by Ransomware Tracker. You have the possibility to filter the list below using certain pre-defined filters shown below.

General filters: Remove filter (Show all) | Online hosts
Filter by threat: Botnet C&Cs | Payment Sites | Distribution Sites
Filter by malware: TeslaCrypt | CryptoWall | TorrentLocker | PadCrypt | Locky | CTB-Locker | FAKBEN | PayCrypt | DMALocker | Cerber | Sage | GlobeImposter

Dateadded (UTC)ThreatMalwareHost (?Domain name or IP address used by the Ransomware. The leading dots (Red, Green, Grey) indicate whether the Host is active or not.

Red = Online
Green = Offline
Grey = Unknown
)
Domain Registrar (?In some cases Ransomware Tracker is not able to determine the sponsoring Registrar of a domain name. Thats either because the Registry does not reveal this information in the whois or because the Registry doesn't offer a whois service.)IP address (ASN, Country)
2016-03-06 07:10Botnet C&CTeslaCrypt
conspec.us
GODADDY.COM, INC. (n/a)
2016-03-05 17:18Botnet C&CTorrentLocker
velajsweg.com
REGISTRAR OF DOMAIN NAMES REG.RU[...] (n/a)
2016-03-05 17:16Botnet C&CTorrentLocker
oprtiwyx.com
REGISTRAR OF DOMAIN NAMES REG.RU[...] (n/a)
2016-03-05 16:26Botnet C&CCryptoWall
tusrecetas.net
GODADDY.COM, LLC69.162.104.22 (- United States)
2016-03-05 11:59Botnet C&CCryptoWall
trion.com.ph
104.238.111.90 (- United States)
2016-03-05 07:28Botnet C&CLocky
fitga.ru
101DOMAIN-RU195.22.28.197 (- Portugal)
2016-03-05 06:35Botnet C&CTorrentLocker
nerfetyv.org
Registrar of Domain Names REG.RU[...] (n/a)
2016-03-05 06:33Payment SiteTorrentLocker
rzss2zfue73dfvmj.truewargame.ch
1API GmbH (n/a)
2016-03-05 03:29Botnet C&CLocky
cudcfybkk.pw
101Domain, Inc.195.22.28.196 (- Portugal)
2016-03-04 23:06Botnet C&CLocky
wdvxeval.ru
101DOMAIN-RU195.22.28.197 (- Portugal)
2016-03-04 20:58Botnet C&CLocky
gvludcvhcrjwmgq.in
101domain, Inc. (R115-AFIN)195.22.28.196 (- Portugal)
2016-03-04 17:02Distribution SiteTeslaCrypt
soclosebutyetqq.com
KEY-SYSTEMS GMBH (n/a)
2016-03-04 17:02Distribution SiteTeslaCrypt
ohelloweuqq.com
WEB COMMERCE COMMUNICATIONS LIMI[...] (n/a)
2016-03-04 16:15Botnet C&CTeslaCrypt
goktugyeli.com
REG2C.COM, INC. (n/a)
2016-03-04 15:12Botnet C&CTeslaCrypt
iqinternal.com
GODADDY.COM, LLC107.180.44.212 (- United States)
2016-03-04 14:29Botnet C&CCryptoWall
hamilton150.co.nz
167.88.167.10 (- United States)
2016-03-04 13:39Botnet C&CTeslaCrypt
fisioactivo.com
GODADDY.COM, LLC160.153.79.168 (- United States)
2016-03-04 13:16Payment SiteLocky
i3ezlvkoi7fwyood.tor2web.org
Tucows Inc.185.100.85.150 (- Romania)
2016-03-04 13:16Payment SiteLocky
i3ezlvkoi7fwyood.onion.to
185.100.85.150 (- Romania)
2016-03-04 07:22Botnet C&CTeslaCrypt
serbiotecnicos.com
ENOM, INC.198.252.78.160 (- United States)
2016-03-03 18:26Botnet C&CTeslaCrypt
onegiantstore.com
GODADDY.COM, LLC (n/a)
2016-03-03 18:04Distribution SiteTeslaCrypt
isthereanybodyqq.com
KEY-SYSTEMS GMBH (n/a)
2016-03-03 18:04Distribution SiteTeslaCrypt
ujajajgogoff.com
WEB COMMERCE COMMUNICATIONS LIMI[...] (n/a)
2016-03-03 11:35Botnet C&CCryptoWall
takaram.ir
(n/a)
2016-03-03 06:05Botnet C&CTeslaCrypt
dustinhansenbook.com
GODADDY.COM, LLC (n/a)
2016-03-02 16:13Botnet C&CLocky
95.213.184.10
95.213.184.10 (- Russian Federation)
2016-03-02 15:08Botnet C&CLocky
192.71.213.69
192.71.213.69 (- Spain)
2016-03-02 14:08Botnet C&CCryptoWall
americancorner.udp.cl
200.14.85.32 (- Chile)
2016-03-02 13:51Payment SiteTorrentLocker
vrvis6ndra5jeggj.onlinebattlefield.ch
1API GmbH (n/a)
2016-03-02 13:50Payment SiteTeslaCrypt
pts764gt354fder34fsqw45gdfsavadfgsfg.kraskula.com
BIZCN.COM, INC.184.105.192.2 (- United States)
2016-03-02 13:47Botnet C&CTorrentLocker
ropytowero.com
REGISTRAR OF DOMAIN NAMES REG.RU[...] (n/a)
2016-03-02 13:47Botnet C&CTorrentLocker
wotreposdo.net
REGISTRAR OF DOMAIN NAMES REG.RU[...] (n/a)
2016-03-02 13:47Botnet C&CTorrentLocker
birufolen.com
REGISTRAR OF DOMAIN NAMES REG.RU[...] (n/a)
2016-03-02 13:47Botnet C&CTorrentLocker
sawsvore.net
REGISTRAR OF DOMAIN NAMES REG.RU[...] (n/a)
2016-03-02 13:46Botnet C&CTorrentLocker
pakezspohos.org
Registrar of Domain Names REG.RU[...] (n/a)
2016-03-02 13:00Payment SiteTeslaCrypt
sondr5344ygfweyjbfkw4fhsefv.heliofetch.at
(n/a)
2016-03-02 12:28Distribution SiteLocky
www.countrysaloonriki.sk
(n/a)
2016-03-02 12:27Distribution SiteLocky
leksvik.historielag.org
eNom, Inc.81.21.75.87 (- United Kingdom)
2016-03-02 12:27Distribution SiteLocky
sumiden-e.co.jp
210.129.90.38 (- Japan)
2016-03-02 12:27Distribution SiteLocky
e-monalisa.ro
ICI - ROTLD (n/a)
2016-03-02 12:26Distribution SiteLocky
ecofriend.co.jp
64.56.177.79 (- Japan)
2016-03-02 12:26Distribution SiteLocky
camberfam.de
(n/a)
2016-03-02 06:45Botnet C&CTeslaCrypt
ptlchemicaltrading.com
PDR LTD. D/B/A PUBLICDOMAINREGIS[...] (n/a)
2016-03-02 06:29Distribution SiteLocky
live.mycondofit.com
GODADDY.COM, LLC (n/a)
2016-03-02 06:29Distribution SiteLocky
media.mycondofit.ca
Go Daddy Domains Canada, Inc (n/a)
2016-03-02 06:29Distribution SiteLocky
gym.crossfitgreektown.com
GODADDY.COM, LLC31.41.44.136 (- Russian Federation)
2016-03-02 06:29Distribution SiteLocky
outlook.gymzone.org
GoDaddy.com, LLC31.41.44.136 (- Russian Federation)
2016-03-02 06:29Distribution SiteLocky
cloud.gymzonesudbury.com
GODADDY.COM, LLC (n/a)
2016-03-01 20:10Botnet C&CTeslaCrypt
opravnatramvaji.cz
REG-INTERNET-CZ194.228.3.204 (- Czech Republic)
2016-03-01 14:03Distribution SiteLocky
ubermensch.altervista.org
Tucows Inc.104.28.18.73 (- United States) +1 A record(s) 104.28.19.73 (AS13335, - United States)
2016-03-01 14:03Distribution SiteLocky
tianshilive.ru
R01-RU31.210.171.14 (- Russian Federation)
2016-03-01 14:00Botnet C&CLocky
kypsuw.pw
101Domain, Inc.195.22.28.198 (- Portugal)
2016-03-01 14:00Botnet C&CLocky
5.34.183.195
5.34.183.195 (- Ukraine)
2016-03-01 13:59Distribution SiteLocky
sitemar.ro
ICI - ROTLD85.9.26.134 (- Romania)
2016-03-01 13:59Distribution SiteLocky
accessinvestment.net
LAUNCHPAD.COM, INC.208.91.197.13 (- Virgin Islands)
2016-03-01 13:58Distribution SiteLocky
pacificgiftcards.com
ENOM, INC.204.11.56.48 (- Virgin Islands)
2016-03-01 12:20Payment SiteLocky
lpholfnvwbukqwye.onion.cab
InterNetworX Ltd. & Co. KG62.138.11.6 (- Germany)
2016-03-01 12:20Payment SiteLocky
lpholfnvwbukqwye.onion.to
185.100.85.150 (- Romania)
2016-03-01 12:15Botnet C&CLocky
185.14.29.188
185.14.29.188 (- Netherlands)
2016-03-01 10:23Distribution SiteTeslaCrypt
thisisitsqq.com
KEY-SYSTEMS GMBH (n/a)
2016-03-01 07:56Botnet C&CTorrentLocker
kowoplosezox.com
REGISTRAR OF DOMAIN NAMES REG.RU[...]n/a
2016-03-01 07:56Botnet C&CTorrentLocker
xefarporove.net
REGISTRAR OF DOMAIN NAMES REG.RU[...] (n/a)
2016-03-01 07:48Botnet C&CTorrentLocker
peqbkinexyr.org
Registrar of Domain Names REG.RU[...] (n/a)
2016-03-01 07:34Botnet C&CCTB-Locker
zsn5qtrgfpu4tmpg.tor2web.org
Tucows Inc.194.150.168.70 (- Germany)
2016-03-01 06:15Payment SiteTeslaCrypt
uiredn4njfsa4234bafb32ygjdawfvs.frascuft.com
BIZCN.COM, INC.184.105.192.2 (- United States)
2016-03-01 06:14Payment SiteTeslaCrypt
yyre45dbvn2nhbefbmh.begumvelic.at
(n/a)
2016-03-01 06:14Distribution SiteTeslaCrypt
ohiyoungbuyff.com
WEB COMMERCE COMMUNICATIONS LIMI[...] (n/a)
2016-03-01 06:13Distribution SiteTeslaCrypt
helloyungmenqq.com
KEY-SYSTEMS GMBH (n/a)
2016-03-01 06:11Distribution SiteLocky
mansolution.in.th
T.H.NIC Co., Ltd. (n/a)
2016-03-01 05:21Botnet C&CCryptoWall
challengestrata.com.au
Web Address Registration175.107.181.167 (- Australia)
2016-03-01 05:21Botnet C&CCryptoWall
dichiro.com
NETWORK SOLUTIONS, LLC.206.188.193.93 (- United States)
2016-03-01 01:03Botnet C&CCryptoWall
beyondthedog.net
GODADDY.COM, LLC184.168.47.225 (- United States)
2016-02-29 14:09Botnet C&CLocky
91.219.29.55
91.219.29.55 (- Ukraine)
2016-02-29 12:36Botnet C&CTeslaCrypt
worldisonefamily.info
GoDaddy.com, LLC (n/a)
2016-02-29 12:36Botnet C&CTeslaCrypt
stacon.eu
Consulting Service Sp. z o.o. (n/a)
2016-02-29 12:36Botnet C&CTeslaCrypt
music.mbsaeger.com
GODADDY.COM, LLC (n/a)
2016-02-29 09:32Botnet C&CTeslaCrypt
imagescroll.com
1&1 INTERNET SE (n/a)
2016-02-28 21:57Botnet C&CCryptoWall
lazymoosestamping.com
ENOM, INC.173.225.189.5 (- United States)
2016-02-28 21:37Botnet C&CCryptoWall
maternalserenity.co.uk
eNom, Inc.69.10.56.10 (- United States)
2016-02-28 08:50Botnet C&CTeslaCrypt
hongsi.com
GABIA, INC.110.45.144.173 (- Korea)
2016-02-27 13:46Botnet C&CTeslaCrypt
biocarbon.com.ec
NIC.EC Registrar (n/a)
2016-02-27 11:53Botnet C&CCryptoWall
www.vishvagujarat.com
GODADDY.COM, LLC104.27.142.99 (- United States)
2016-02-27 11:53Botnet C&CCryptoWall
igatha.com
GODADDY.COM, LLC217.23.12.215 (- Netherlands)
2016-02-27 11:53Botnet C&CCryptoWall
cursos.feyda.net
NETWORK SOLUTIONS, LLC.198.154.228.128 (- United States)
2016-02-27 09:21Payment SiteTeslaCrypt
tes543berda73i48fsdfsd.keratadze.at
(n/a)
2016-02-27 09:21Payment SiteTeslaCrypt
gwe32fdr74bhfsyujb34gfszfv.zatcurr.com
BIZCN.COM, INC.184.105.192.2 (- United States)
2016-02-27 07:47Botnet C&CCTB-Locker
zsn5qtrgfpu4tmpg.onion.cab
InterNetworX Ltd. & Co. KG85.25.214.50 (- Germany)
2016-02-27 05:29Botnet C&CTeslaCrypt
heizhuangym.com
WEST263 INTERNATIONAL LIMITED (n/a)
2016-02-27 00:21Botnet C&CCryptoWall
best-service.jp
203.145.230.194 (- Japan)
2016-02-26 18:21Botnet C&CTeslaCrypt
surrogacyandadoption.com
GODADDY.COM, LLC185.26.122.59 (- Russian Federation)
2016-02-26 07:41Payment SitePadCrypt
gnkltbsaeq35rejl.tor2web.org
Tucows Inc.185.100.85.150 (- Romania)
2016-02-26 07:40Payment SitePadCrypt
gnkltbsaeq35rejl.onion.cab
InterNetworX Ltd. & Co. KG62.138.11.6 (- Germany)
2016-02-26 07:12Botnet C&CPadCrypt
gnkltbsaeq35rejl.onion.to
217.197.83.197 (- Germany)
2016-02-26 06:49Botnet C&CTeslaCrypt
jessforkicks.com
GODADDY.COM, LLC96.226.119.251 (- United States)
2016-02-26 00:23Botnet C&CCryptoWall
viralcrazies.com
ENOM, INC. (n/a)
2016-02-25 21:44Botnet C&CCryptoWall
eatside.es
(n/a)
2016-02-25 21:44Botnet C&CCryptoWall
double-wing.de
217.119.54.152 (- Germany)
2016-02-25 21:44Botnet C&CCryptoWall
domaine-cassillac.com
OVH213.186.33.87 (- France)
2016-02-25 20:31Botnet C&CLocky
185.22.67.27
185.22.67.27 (- Kazakhstan)
2016-02-25 20:02Payment SiteTeslaCrypt
kkd47eh4hdjshb5t.angortra.at
(n/a)

# of rows displayed: 100
# of entries in database: 13'867

Page 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 >