Tracker

Ransomware Tracker to distinguishes between the following threats:

Each entry in Ransomware Tracker is tagged to a threat and a malware. Currently, the following Ransomware families are tracked:

New submissions for Ransomware Tracker are warmly welcome. You can send new additions to rt-RintANel@abuse.ch (remove all letters in uppercase). Malware binaries that you suspect to be associated with a certain Ransomware family can be send to rt-malwSOareM@abuse.ch (remove all letters in uppercase) for analysis.

Search

You can search for a host or URL using the following search form:

Set a filter for the list below

Below is a list of Ransomware botnet C&C servers tracked by Ransomware Tracker. You have the possibility to filter the list below using certain pre-defined filters shown below.

General filters: Remove filter (Show all) | Online hosts
Filter by threat: Botnet C&Cs | Payment Sites | Distribution Sites
Filter by malware: TeslaCrypt | CryptoWall | TorrentLocker | PadCrypt | Locky | CTB-Locker | FAKBEN | PayCrypt | DMALocker | Cerber | Sage | GlobeImposter

Dateadded (UTC)ThreatMalwareHost (?Domain name or IP address used by the Ransomware. The leading dots (Red, Green, Grey) indicate whether the Host is active or not.

Red = Online
Green = Offline
Grey = Unknown
)
Domain Registrar (?In some cases Ransomware Tracker is not able to determine the sponsoring Registrar of a domain name. Thats either because the Registry does not reveal this information in the whois or because the Registry doesn't offer a whois service.)IP address (ASN, Country)
2016-09-20 07:04Payment SiteCerber
unocl45trpuoefft.0kv6tw.bid
Eranet International Limited (n/a)
2016-09-20 07:04Payment SiteCerber
52uo5k3t73ypjije.bipnnp.bid
Eranet International Limited (n/a)
2016-09-20 06:50Payment SiteCerber
unocl45trpuoefft.jcife9.bid
Eranet International Limited (n/a)
2016-09-19 19:25Payment SiteCerber
4kqd3hmqgptupi3p.fairlies.link
Alpnames Limited (n/a)
2016-09-19 18:36Payment SiteCerber
52uo5k3t73ypjije.js43vy.bid
Eranet International Limited (n/a)
2016-09-19 18:34Botnet C&CLocky
46.38.52.225
46.38.52.225 (- Russian Federation)
2016-09-19 18:25Distribution SiteLocky
baftwaag.net
KEY-SYSTEMS GMBH (n/a)
2016-09-19 18:22Distribution SiteLocky
draybanga.info
Web Commerce Communications Limi[...] (n/a)
2016-09-19 18:22Distribution SiteLocky
magasjenny.ru
R01-RU (n/a)
2016-09-19 18:20Distribution SiteLocky
baftwaag.net
KEY-SYSTEMS GMBH (n/a)
2016-09-19 18:18Distribution SiteLocky
filmymima.net
PAKNIC (PRIVATE) LIMITED (n/a)
2016-09-19 18:15Distribution SiteLocky
baftwaag.net
KEY-SYSTEMS GMBH (n/a)
2016-09-19 18:14Distribution SiteLocky
magasjenny.ru
R01-RU (n/a)
2016-09-19 18:12Distribution SiteLocky
greegatha.in
Endurance Domains Technology Pvt[...] (n/a)
2016-09-19 18:11Distribution SiteLocky
thaihomecondo.com
ONLINENIC, INC.27.254.140.76 (- Thailand)
2016-09-19 18:11Distribution SiteLocky
draybanga.info
Web Commerce Communications Limi[...] (n/a)
2016-09-19 18:10Distribution SiteLocky
greegatha.in
Endurance Domains Technology Pvt[...] (n/a)
2016-09-19 18:09Distribution SiteLocky
draybanga.info
Web Commerce Communications Limi[...] (n/a)
2016-09-19 18:09Distribution SiteLocky
magasjenny.ru
R01-RU (n/a)
2016-09-19 18:08Distribution SiteLocky
greegatha.in
Endurance Domains Technology Pvt[...] (n/a)
2016-09-19 18:08Distribution SiteLocky
filmymima.net
PAKNIC (PRIVATE) LIMITED (n/a)
2016-09-19 18:05Distribution SiteLocky
filmymima.net
PAKNIC (PRIVATE) LIMITED (n/a)
2016-09-19 17:28Payment SiteCerber
wjtqjleommc4z46i.srtos7.bid
Eranet International Limited (n/a)
2016-09-19 16:03Payment SiteCerber
4kqd3hmqgptupi3p.choiceher.win
Alpnames Limited (n/a)
2016-09-19 12:19Payment SiteCerber
unocl45trpuoefft.md9eyv.bid
Eranet International Limited (n/a)
2016-09-19 11:23Distribution SiteLocky
dirkdj.nl
Dunique B.V.95.170.70.78 (- Netherlands)
2016-09-19 11:22Distribution SiteLocky
kursustokoonline.net
TUCOWS DOMAINS INC. (n/a)
2016-09-19 11:22Distribution SiteLocky
extramileteam.com
GODADDY.COM, LLC107.180.41.91 (- United States)
2016-09-19 11:20Distribution SiteLocky
win88id.com
PDR LTD. D/B/A PUBLICDOMAINREGIS[...]148.66.136.214 (- Singapore)
2016-09-19 11:17Distribution SiteLocky
ncmartec.org
GoDaddy.com, LLC184.168.131.241 (- United States)
2016-09-19 11:16Distribution SiteLocky
zheng-du.com
HICHINA ZHICHENG TECHNOLOGY LTD.104.216.38.78 (- United States)
2016-09-19 11:16Distribution SiteLocky
festivaldhamaka.com
TUCOWS DOMAINS INC. (n/a)
2016-09-19 11:15Distribution SiteLocky
sadek-music.com
GODADDY.COM, LLC108.175.152.116 (- United States)
2016-09-19 11:15Distribution SiteLocky
lomtalay.com
ONLINENIC, INC.119.59.99.30 (- Thailand)
2016-09-19 11:15Distribution SiteLocky
fernandoarias.org
eNom, Inc.209.200.154.50 (- United States)
2016-09-19 11:14Distribution SiteLocky
heritagebaptistchurch.ca
Promo People Inc.198.185.159.144 (- United States) +3 A record(s) 198.185.159.145 (AS53831, - United States)
198.49.23.144 (AS53831, - United States)
198.49.23.145 (AS53831, - United States)
2016-09-19 11:12Distribution SiteLocky
hellolanguage.com
PDR LTD. D/B/A PUBLICDOMAINREGIS[...]119.59.106.111 (- Thailand)
2016-09-19 11:12Distribution SiteLocky
fungasoap.net
TUCOWS DOMAINS INC.209.200.244.79 (- United States)
2016-09-19 11:12Distribution SiteLocky
puchipuchivirus.com
ENOM, INC.23.254.240.58 (- United States)
2016-09-19 11:12Distribution SiteLocky
burgeoservise.ru
REGRU-RU194.58.56.75 (- Russian Federation)
2016-09-19 11:12Distribution SiteLocky
techscape4.com
ENOM, INC.118.98.75.66 (- Indonesia)
2016-09-19 11:11Distribution SiteLocky
hotelcelnice.cz
REG-GRANSY81.200.63.131 (- Czech Republic)
2016-09-19 11:10Distribution SiteLocky
bobneal.net
GODADDY.COM, LLC144.208.78.50 (- United States)
2016-09-19 11:08Distribution SiteLocky
seokonya.com
BIZCN.COM, INC.23.20.239.12 (- United States)
2016-09-19 11:08Distribution SiteLocky
bernardchandran.com
WEB COMMERCE COMMUNICATIONS LIMI[...]117.53.152.232 (- Malaysia)
2016-09-19 11:07Distribution SiteLocky
judgedeborahshallcross.com
NETWORK SOLUTIONS, LLC. (n/a)
2016-09-19 11:07Distribution SiteLocky
grupoalana.com
GODADDY.COM, LLC23.20.239.12 (- United States)
2016-09-19 11:06Distribution SiteLocky
omeryilmaz.com
PDR LTD. D/B/A PUBLICDOMAINREGIS[...]93.187.202.200 (- Turkey)
2016-09-19 11:05Distribution SiteLocky
scanarchives.com
ENOM, INC.72.52.230.193 (- United States)
2016-09-19 10:36Distribution SiteLocky
roxieimshi.com
WEB COMMERCE COMMUNICATIONS LIMI[...] (n/a)
2016-09-19 10:36Distribution SiteLocky
foveawaac.net
WEB COMMERCE COMMUNICATIONS LIMI[...] (n/a)
2016-09-19 10:36Distribution SiteLocky
merofid.com
WEB COMMERCE COMMUNICATIONS LIMI[...] (n/a)
2016-09-19 10:35Distribution SiteLocky
foveawaac.net
WEB COMMERCE COMMUNICATIONS LIMI[...] (n/a)
2016-09-19 10:35Distribution SiteLocky
foveawaac.net
WEB COMMERCE COMMUNICATIONS LIMI[...] (n/a)
2016-09-19 10:35Distribution SiteLocky
roxieimshi.com
WEB COMMERCE COMMUNICATIONS LIMI[...] (n/a)
2016-09-19 10:32Distribution SiteLocky
merofid.com
WEB COMMERCE COMMUNICATIONS LIMI[...] (n/a)
2016-09-19 10:32Distribution SiteLocky
roxieimshi.com
WEB COMMERCE COMMUNICATIONS LIMI[...] (n/a)
2016-09-19 10:30Distribution SiteLocky
roxieimshi.com
WEB COMMERCE COMMUNICATIONS LIMI[...] (n/a)
2016-09-19 10:28Distribution SiteLocky
foveawaac.net
WEB COMMERCE COMMUNICATIONS LIMI[...] (n/a)
2016-09-19 10:26Distribution SiteLocky
merofid.com
WEB COMMERCE COMMUNICATIONS LIMI[...] (n/a)
2016-09-19 10:25Distribution SiteLocky
merofid.com
WEB COMMERCE COMMUNICATIONS LIMI[...] (n/a)
2016-09-19 10:23Distribution SiteLocky
merofid.com
WEB COMMERCE COMMUNICATIONS LIMI[...] (n/a)
2016-09-19 10:22Distribution SiteLocky
foveawaac.net
WEB COMMERCE COMMUNICATIONS LIMI[...] (n/a)
2016-09-19 10:21Distribution SiteLocky
roxieimshi.com
WEB COMMERCE COMMUNICATIONS LIMI[...] (n/a)
2016-09-19 10:21Payment SiteCerber
unocl45trpuoefft.1cn41a.bid
Eranet International Limited (n/a)
2016-09-19 07:20Payment SiteCerber
unocl45trpuoefft.0kousz.bid
Eranet International Limited (n/a)
2016-09-19 05:24Payment SiteCerber
52uo5k3t73ypjije.f3z72p.bid
Eranet International Limited (n/a)
2016-09-18 12:01Payment SiteCerber
52uo5k3t73ypjije.xglk6h.bid
Eranet International Limited (n/a)
2016-09-18 11:37Distribution SiteLocky
smt112.com
INTERNET DOMAIN SERVICE BS CORP119.29.144.76 (- China)
2016-09-18 11:28Distribution SiteLocky
smt112.com
INTERNET DOMAIN SERVICE BS CORP119.29.144.76 (- China)
2016-09-18 10:26Payment SiteCerber
52uo5k3t73ypjije.3gpdgx.bid
Eranet International Limited (n/a)
2016-09-18 07:44Payment SiteCerber
52uo5k3t73ypjije.ajolkg.bid
Eranet International Limited (n/a)
2016-09-18 07:26Payment SiteCerber
unocl45trpuoefft.zbj2kc.bid
Eranet International Limited (n/a)
2016-09-18 05:33Payment SiteCerber
pmenboeqhyrpvomq.t4hvl4.bid
Eranet International Limited (n/a)
2016-09-18 05:17Payment SiteCerber
unocl45trpuoefft.7cevps.bid
Eranet International Limited (n/a)
2016-09-18 03:26Payment SiteCerber
52uo5k3t73ypjije.4pjetv.bid
Eranet International Limited (n/a)
2016-09-18 02:12Payment SiteCerber
wjtqjleommc4z46i.yfr0o1.bid
Eranet International Limited (n/a)
2016-09-17 20:31Payment SiteCerber
52uo5k3t73ypjije.68xmf9.bid
Eranet International Limited (n/a)
2016-09-17 18:40Payment SiteCerber
unocl45trpuoefft.jdf4je.bid
Eranet International Limited (n/a)
2016-09-17 17:41Payment SiteCerber
52uo5k3t73ypjije.iait3w.bid
Eranet International Limited (n/a)
2016-09-17 15:18Payment SiteCerber
52uo5k3t73ypjije.5o4bjf.bid
Eranet International Limited (n/a)
2016-09-17 13:22Payment SiteCerber
4kqd3hmqgptupi3p.myaddress.link
Alpnames Limited (n/a)
2016-09-17 11:53Payment SiteCerber
52uo5k3t73ypjije.zhvlh1.bid
Eranet International Limited (n/a)
2016-09-17 08:28Payment SiteCerber
wjtqjleommc4z46i.vh6vss.bid
Eranet International Limited (n/a)
2016-09-17 07:36Payment SiteCerber
52uo5k3t73ypjije.5ittco.bid
Eranet International Limited (n/a)
2016-09-17 04:38Payment SiteCerber
4kqd3hmqgptupi3p.yoursdoor.lol
Alpnames Limited (n/a)
2016-09-17 03:45Payment SiteCerber
wjtqjleommc4z46i.y2ijlz.bid
Eranet International Limited (n/a)
2016-09-17 00:19Payment SiteCerber
52uo5k3t73ypjije.pop81.com
ERANET INTERNATIONAL LIMITED (n/a)
2016-09-17 00:16Payment SiteCerber
52uo5k3t73ypjije.mn1kms.bid
Eranet International Limited (n/a)
2016-09-16 23:36Payment SiteCerber
52uo5k3t73ypjije.ai7hur.bid
Eranet International Limited (n/a)
2016-09-16 23:00Payment SiteCerber
4kqd3hmqgptupi3p.anypicked.red
Alpnames Limited (n/a)
2016-09-16 21:05Payment SiteCerber
4kqd3hmqgptupi3p.gapplayed.link
Alpnames Limited (n/a)
2016-09-16 20:14Payment SiteCerber
unocl45trpuoefft.zgheyh.bid
Eranet International Limited (n/a)
2016-09-16 20:06Payment SiteCerber
4kqd3hmqgptupi3p.metpast.site
AlpNames Limited (n/a)
2016-09-16 19:31Payment SiteCerber
wjtqjleommc4z46i.au6d1d.bid
Eranet International Limited (n/a)
2016-09-16 17:48Payment SiteCerber
4kqd3hmqgptupi3p.storingus.gdn
AlpNames Limited (n/a)
2016-09-16 16:27Payment SiteCerber
4kqd3hmqgptupi3p.7w9p1n.bid
Eranet International Limited (n/a)
2016-09-16 14:30Payment SiteCerber
52uo5k3t73ypjije.cpvwgx.bid
Eranet International Limited (n/a)
2016-09-16 13:52Distribution SiteLocky
zesthouse.com
NETOWL, INC.183.90.250.22 (- Japan)
2016-09-16 13:51Distribution SiteLocky
gumorca.com
NEUBOX INTERNET SA DE CV199.191.50.140 (- Virgin Islands)

# of rows displayed: 100
# of entries in database: 13'867

Page 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 >