Ransomwhere.org

Live Map Latest Victims Groups

Payments TTPs Identify News Data API

LIVE

Ransomwhere.org

Real-time ransomware intelligence platform. Tracking threat actors, victims, and payments to raise awareness and help defend against ransomware attacks worldwide.

Platform

Live Map
Latest Victims
Groups
Payments
Identify
News

Resources

Data & Methodology
API Docs
NoMoreRansom
Ransomware.live
CISA Advisories

Data sourced from Ransomware.live API. For informational purposes only.

© 2026 Ransomwhere.org

Groups/babuk2

babuk2

Inactive

Babuk Locker 2.0, also known as Bjorka or SkyWave, after failing to make any profit from selling public databases on forums, decided to impersonate Babuk Ransomware group. He launched a blog where he claimed multiple public breaches from BreachForums as ransomware attacks

180

Victims

4

Sites

Known Leak Sites

7dikawx73goypgfi4zyo5fcajxwb7agemmiwqax3p54aey4dwobcvcyd.onionDLS

bxwu33iefqfc3rxigynn3ghvq4gdw3gxgxna5m4aa3o4vscdeeqhiqad.onionDLS

212.24.99.211.DLS

5g2e.l.time4vps.cloudDLS

Victims (180)

Live

tecnologias.mspz2.gob.ec

turkish defense military

rheinmetall.com (Rheinmetall Defence)

gangotreehomes.com (RealEstate)

Secret plans of Indian army

Bangladesh Armed Forces (BangLadesh Army)

Saudi Arabian military and government internal center

Hellenic Airforce

ezbuy.sg (Singapore Shopping)

Iran gas service system

kfar hatta medical center - Lebanon

Polizia italia mail access

zalora.sg (Singapore Shopping)

ascires.com

aosense.com - AO Sense INC.

dardoc.com

navy-mil-bd

drdo.gov.in

uniproof.com.br

(UPDATE) - whitecapcanada.com

pln.co.id - PLN INDONESIA

moh.gov.rw

iDRAC (Integrated Dell Remote Access Controller) management interface for Dell servers

elsoms.com

brune.com.br - Group MC (conglomerate)

Top Targeted Countries

United States32

Brazil15

Unknown12

India10

Indonesia9

Activity

Total victims180

Countries affected52

Last seen