Skip to main content

Ransomwhere.org

Dashboard Live Map About Feed Groups

Payments TTPs Identify News API

LIVE

Ransomwhere.org

Real-time ransomware intelligence platform. Tracking threat actors, victims, and payments to raise awareness and help defend against ransomware attacks worldwide.

Platform

Live Map
Latest Victims
Groups
Payments
Identify
News

Resources

Data & Methodology
API Docs
RSS Feed
About
Privacy Policy
Terms of Service
NoMoreRansom
Ransomware.live
CISA Advisories

For informational purposes only.

© 2026 Ransomwhere.org

// group profile

bert

Inactive

BERT is a newly emerged ransomware group first identified in mid-2025, targeting Windows and Linux platforms across healthcare, technology, and event services sectors in Asia, Europe, and the US, with ransomware derived from a Linux variant of REvil using AES encryption and multi-threaded file locking.

7

Victims

1

Sites

Victims (7)

Live

S5 Agency World

bertUnited Kingdom

Columbia TI

bertColombia

Wawasan Dengkil Sdn Bhd

bertMalaysia

ALL RING TECH CO., LTD.

bertTaiwan

SIMCO Electronics

bertUnited States

Yozgat City Hospital

bertTurkey

National Ticket Company

bertUnited States

Known Leak Sites

bertblogsoqmm4ow7nqyh5ik7etsmefdbf25stauecytvwy7tkgizhad.onionDLS

Top Targeted Countries

United States2

United Kingdom1

Colombia1

Malaysia1

Taiwan1

Activity

Total victims7

Countries affected6

Last seenNo recent activity

Explore

Ransomware NewsRelated articles

Check DecryptorsFree tools

Payment DataRansom tracking

MITRE ATT&CKTechniques

Live MapGlobal view

Source: ransomware.live|Refreshes every 5 min