How to access Ransomware sites?

2 min readJan 22, 2022


Hello again, today let’s discuss about accessing ransomware sites using TOR browser.

Every now and then, you would be seeing articles and news about new ransomware attacks and if you are active in twitter, many of them will be posting pics about the news feed of what the hackers posted on their particular ransomware sites.

But, you will also notice that none of them post “.onion” links, referring to twitter’s security policy about posting dangerous links.

But how do you find a particular “.onion” site address?

For starters, Install TOR browser. If you don’t know what “TOR” is, it is a dark search engine with “.onion” sites which by accessing you will be directed towards various nefarious websites such as hiring hitmans, hackers for hire, and every illegal activity you could think of.

But there’s a catch. How will you find if the websites are legitimate or not, whether it is a site set up by FBI, CIA, Interpol or any other alphabet agencies to filter out domestic terrorists, disrupt drug activities and so on. That’s the reason people will never recommend installing TOR browser.

As a great man once said, “With great power comes great responsibility”.

Anyway, since we are discussing about ransomware addresses, below is the list of famous ransomware sites.


If you need to search a new ransomware group .onion addresses, below search engine can be helpful for you called as “Ahmia Search Engine”. The link is given below:

Apart from the search engine, below is a site which collects all the ransomware addresses. So, instead of browsing every link I just gave you, just go this site, and you can find list of “.onion” ransomware sites.

NOTE: Some links might be in russian or a language that you may not understand, just download google translate browser extensions and load the site again.

Goodbye… We will meet again.




I try to analyze ransomware attacks | Static Code Analysis | Privacy & Security Updates | Pen Testing | Bug Bounty