The increasing number of cyberattacks in recent years has expedited development of innovative tools to quickly detect new threats. A recent approach to this problem is to analyze the content of online social networks to discover the rising of ransomware attacks. Twitter is a popular micro-blogging platform which allows millions of users to share their opinions on what happens all over the world. The subscribers can tweet messages of maximum 280 characters to share general information with URLs and hash tags. In this paper, we analysed 25 families of ransomware over a period of 7 years, from 2010 to 2017. We proposed a deep learning architecture to categorize ransomware tweets to their corresponding family. The proposed method can continuously monitor the online posts in social media data and thus is able to provide early warnings about ransomware spreads. This helps the incident management to better prioritize resources and procedures to mitigate the malicious activities. Tests have been performed to evaluate the performance of the proposed method and results show the effectiveness of our implementation.