Skip to main content

Ransomwhere.org

Dashboard Live Map About Feed Groups

Payments TTPs Identify News API

LIVE

Ransomwhere.org

Real-time ransomware intelligence platform. Tracking threat actors, victims, and payments to raise awareness and help defend against ransomware attacks worldwide.

Platform

Live Map
Latest Victims
Groups
Payments
Identify
News

Resources

Data & Methodology
API Docs
RSS Feed
About
Privacy Policy
Terms of Service
NoMoreRansom
Ransomware.live
CISA Advisories

For informational purposes only.

© 2026 Ransomwhere.org

// group profile

kazu

Active

Kazu is an emerging ransomware group active since September 2025 that employs double-extortion tactics, targeting government, healthcare, and financial organizations primarily in Southeast Asia, the Middle East, and Latin America, with notable claimed breaches including Dubai's Ports, Customs and Free Zone Corporation with 1.94 TB exfiltrated.

9

Victims

1

Sites

Victims (9)

Live

zHealthEHR — Practice Management Software for Chiropractic & Wellness Clinics

kazuUnited States

MyVete

kazuSpain

ManageMyHealth - New Zealand

kazuNew Zealand

Saudi Icon

kazuSaudi Arabia

Leadway Assurance

kazuNigeria

CT Dent Ltd

kazuUnited Kingdom

National Civil Service Commission of Colombia

kazuColombia

Defensoría del Pueblo de Colombia – Protection and Promotion of Human Rights

kazuColombia

Doctor Alliance – Streamlined Document and Billing Management for Healthcare Providers

kazuUnited States

Known Leak Sites

6czlbd2jfiy6765fbnbnzuwuqocg57ebvp3tbm35kib425k4qnmiiiqd.onionDLS

Top Targeted Countries

United States2

Colombia2

Spain1

New Zealand1

Saudi Arabia1

Activity

Total victims9

Countries affected7

Last seenNo recent activity

Explore

Ransomware NewsRelated articles

Check DecryptorsFree tools

Payment DataRansom tracking

MITRE ATT&CKTechniques

Live MapGlobal view

Source: ransomware.live|Refreshes every 5 min