Cryptocurrency addresses linked to payments for ransomware attacks
Ransomware is a form of malware designed to encrypt files on a device, rendering any files and the systems that rely on them unusable. Malicious actors then demand ransom in exchange for decryption.
Cryptocurrencies have, in recent years, become a common method to transact ransom payments in such attacks. The ransomwhe.re site collects addresses (accounts) that are known to be linked to these payments.
| Entity count: | 10,329 target entities · 10,329 searchable entities · 10,329 total | ||
|---|---|---|---|
| Entity types: |
| ||
| Publisher: | ransomwhe.re / Jack Cable non-official source | ||
| Information: | ransomwhe.re | ||
| Source data: | api.ransomwhe.re (JSON) | ||
| Collections: | in Warrants and Criminal Entities · OpenSanctions Default | ||
| Last changed: |
Downloads contain the full set of entities contained in this dataset. You can fetch a simplified tabular form, or detailed, structured data in JSON format. Updated files will be provided once a day at the same location.
| File name | Export type | Size | |
|---|---|---|---|
entities.ftm.json | FollowTheMoney entities | 5 MB | |
names.txt | Target names text file | 1 kB | |
senzing.json | Senzing entity format | 2 MB | |
source.json | Source data | 5 MB | |
targets.nested.json | Targets as nested JSON | 5 MB | |
targets.simple.csv | Targets as simplified CSV | 2 MB |
Help: Using the data · format reference · identifier use · commercial licensing
You can query the data in this dataset via the application programming interface (API) endpoints below. Please read the introduction for documentation and terms of service.
| Use the Reconciliation API in OpenRefine: | |
For full-text search, use the /search endpoint: | |
For entity matching, use the /match endpoint: |
The following targeted entities have been added to this data source most recently:
| Added | Name | Type | Countries |
|---|---|---|---|
| bc1qft3s53ur5uq5ru6sl3zyr247dpr55mnggwucd3 | Cryptocurrency wallet | ||
| bc1qgsuf5m9tgxuv4ylxcmx8eeqn3wmlmu7f49zkus | Cryptocurrency wallet | ||
| bc1qc48q628t93xwzljtvurpqhcvahvesadpwqtsza | Cryptocurrency wallet | ||
| bc1q6rsj3cn37dngypu5kad9gdw5ykhctpwhjvun3z | Cryptocurrency wallet | ||
| bc1q9cj0n9k2m282x0nzj6lhqjvhkkd4h95sewek83 | Cryptocurrency wallet | ||
| bc1qaselp9nhejc3safcq3vn5wautx6w33x0llk7dl | Cryptocurrency wallet | ||
| bc1q4vr25xkth35qslenqwd7aw020w85qrvlrhv7hc | Cryptocurrency wallet | ||
| bc1q6zkemtyyrre2mkk23g93zyq98ygrygvx7z2q0t | Cryptocurrency wallet | ||
| bc1q5uc0fdnz0ve5pg4nl4upa9ly586t6wmnghfe7x | Cryptocurrency wallet | ||
| bc1qhpepeeh7hlz5jvrp50uhkz59lhakcfvme0w9qh | Cryptocurrency wallet |
OpenSanctions is free for non-commercial users. Businesses must acquire a data license to use the dataset.
