About 🦕 RansomLook 🦖 !

What is RansomLook ?

RansomLook is an open-source project aimed at assisting users in tracking ransomware-related posts and activities across various sites, forums, and Telegram channels.
The main components include:

• Blog monitoring and victim extraction
• Forum monitoring (parsing is not available)
• Overview of Ransomware Notes
• Tracking leaks from public sources
• Leak tracking from RecordedFuture provider (private API required)
• Monitoring of public Telegram channels
• Twitter account monitoring
• Monitoring of various known Bitcoin wallets

Is it free?

Yes, it is free, and more importantly, it is open-source.

RansomLook is licensed under the GNU General Public License v3.0.

How can I follow new posts?

There are various ways to stay updated with new posts:

• By running your own instance and enabling RocketChat and/or email notifications
• By checking the public instance: https://www.ransomlook.io
• By accessing the API
• By following us on Mastodon: @Ransomlook@social.circl.lu

There is NO official Telegram Channel!

Want to Be Part of the RansomLook Community?

Join us in making RansomLook even better! Here's how you can contribute:

• Create an issue on our GitHub repository.
• Submit your pull requests with new features or improvements.
• Share new sources of DLS (Darknet Leak Sites) with us.
• Report any bugs you come across.
• Suggest exciting new functionalities that could enhance RansomLook.

Credits & Thanks

RansomLook is maintained by Alexandre Dulaunoy (https://github.com/adulau/) and Fafner [_KeyZee_] (https://github.com/fafnerkeyzee).

We thank Tammy Harper for her contributions to adding new groups and her regular feedback to improve the project.

The code is based on RansomWatch.

External data are from:

• Malpedia for description
• Ransomwhe.re for cryptoCurrency
• threatlabz for the RansomNotes
• leak-lookup for the public leaks