JSON

ransomwhe.re ransomware addresses

Cryptocurrency addresses linked to payments for ransomware attacks

Ransomware is a form of malware designed to encrypt files on a device, rendering any files and the systems that rely on them unusable. Malicious actors then demand ransom in exchange for decryption.

Cryptocurrencies have, in recent years, become a common method to transact ransom payments in such attacks. The ransomwhe.re site collects addresses (accounts) that are known to be linked to these payments.

Data overview

Entity count:7,508 target entities · 7,508 searchable entities · 7,508 total
Entity types:
Cryptocurrency wallets7,508
Publisher:ransomwhe.re / Jack Cable

Information:ransomwhe.re
Source data:api.ransomwhe.re (JSON)
Collections:in OpenSanctions Default · Warrants and Criminal Entities
Last changed:

Bulk download

Downloads contain the full set of entities contained in this dataset. You can fetch a simplified tabular form, or detailed, structured data in JSON format. Updated files will be provided once a day at the same location.

File nameExport typeSize
entities.ftm.jsonFollowTheMoney entities4 MB
names.txtTarget names text file1 kB
senzing.jsonSenzing entity format1 MB
source.jsonSource data4 MB
targets.nested.jsonTargets as nested JSON4 MB
targets.simple.csvTargets as simplified CSV2 MB

Help: Using the data · format reference · identifier use · commercial licensing

Using the API

You can query the data in this dataset via the application programming interface (API) endpoints below. Please read the introduction for documentation and terms of service.

Use the Reconciliation API in OpenRefine:
For full-text search, use the /search endpoint:
For entity matching, use the /match endpoint:

Recent additions

The following targeted entities have been added to this data source most recently:

AddedNameTypeCountries
bc1q0wf73xmcqkvrvs7tj49hznxqqgt6tp359gk0azCryptocurrency wallet
3G8hqexhV4yyLpneQ2qBNeLxAH7SpHwoehCryptocurrency wallet
1AereQUh8yjNPs9Wzeg1Le47dsqC8NNaNMCryptocurrency wallet
bc1q9jg45a039tn83jk2vhdpranty2y8tnpnrk9k5qCryptocurrency wallet
1DeNHM2eTqHp5AszTsUiS4WDHWkGc5UxHfCryptocurrency wallet
1DRxUFhvJjGUdojCzMWSLmwx7Qxn79XbJqCryptocurrency wallet
1HdgQM9bjX7u7vWJnfErY4MWGBQJi5mVWVCryptocurrency wallet
14oH2h12LvQ7BYBufcrY5vfKoCq2hTPoevCryptocurrency wallet
1Edcufenw1BB4ni9UadJpQh9LVx9JGtKpPCryptocurrency wallet
1DyMbw6R9PbJqfUSDcK5729xQ57yJrE8BCCryptocurrency wallet
1HZHhdJ6VdwBLCFhdu7kDVZN9pb3BWeUEDCryptocurrency wallet
bc1qy34v0zv6wu0cugea5xjlxagsfwgunwkzc0xcjjCryptocurrency wallet
1PopeZ4LNLanisswLndAJB1QntTF8hpLsDCryptocurrency wallet
bc1qz3lmcw4k58n79wpzm550r5pkzxc2h8rwmmu6xmCryptocurrency wallet
12xd6KrWVtgHEJHKPEfXwMVWuFK4k1FCUFCryptocurrency wallet
14cATAzXwD7CQf35n8Ea5pKJPfhM6jEHakCryptocurrency wallet
18wRbb94CjyTGkUp32ZM7krCYCB9MXUq42Cryptocurrency wallet
184ZcAoxkvimvVZaj8jZFujC7EwR3BKWvfCryptocurrency wallet
1AbRxRfP6yHePpi7jmDZkS4Mfpm1ZiatH5Cryptocurrency wallet
1LYiEgq9k3xSAddbqMZcsVTayJVoKbTFubCryptocurrency wallet
bc1q3xgr4z53cdaeyn03luhen24xu556y5spvyspt8Cryptocurrency wallet
bc1q25km8usscsra6w2falmtt7wxyga8tnwd5s870gCryptocurrency wallet
bc1q62vek72l4aahdhd84fkk8c2s2nv3sj8qgqv25gCryptocurrency wallet
bc1q6s0k4l8q9wf3p9wrywf92czrxaf9uvscyqp0fuCryptocurrency wallet
bc1q8ff3lrudpdkuvm3ehq6e27nczm393q9f4ydlgtCryptocurrency wallet
OverviewDownloadAPIRecent additions
OpenSanctions project
Project
Collections
Keep in touch

The data published on this site is licensed under the terms of Creative Commons 4.0 Attribution NonCommercial.

Made with in Berlin · Impressum · Privacy policy