R
Ransomwhere.org
Live MapLatest VictimsGroups
PaymentsTTPsIdentifyNewsDataAPI
LIVE
Ransomwhere.org

Real-time ransomware intelligence platform. Tracking threat actors, victims, and payments to raise awareness and help defend against ransomware attacks worldwide.

Platform

  • Live Map
  • Latest Victims
  • Groups
  • Payments
  • Identify
  • News

Resources

  • Data & Methodology
  • API Docs
  • NoMoreRansom
  • Ransomware.live
  • CISA Advisories

Data sourced from Ransomware.live API. For informational purposes only.

© 2026 Ransomwhere.org

Groups/underground

underground

Active
26
Victims
2
Sites

Known Leak Sites

undgrddapc4reaunnrdrmnagvdelqfvmgycuvilgwb5uxm25sxawaoqd.onionChat
47glxkuxyayqrvugfumgsblrdagvrah7gttfscgzn56eyss5wg3uvmqd.onionDLS

Victims (26)

Live
SFA Engineering
undergroundKR
GMORS Co., Ltd
undergroundTW
Afa Systems Ltd.
undergroundCA
shengyusteel.com
undergroundTW
semex.com
undergroundCA
Simmtech Co., Ltd.
undergroundKR
hcsgcorp.com
undergroundUS
Casio Computer Co., Ltd
undergroundJP
ramservices.com
underground
Ethypharm
undergroundFR
A-Line Staffing Solutions
underground
belcherpharma.com
undergroundUS
CentralSecurities.com
underground
www.belcherpharma.com
undergroundUS
kc.co.kr
undergroundKR
bulldogbag.com
undergroundCA
frenckengroup.com
undergroundSG
synology.com
undergroundDE
tpa-group.sk
undergroundSK
Triathlon.group
undergroundDE
awwg.com
undergroundES
KyungChang
underground
Y. Hata & Co., Ltd.
undergroundUS
Skender Construction
undergroundUS
Creative Business Interiors
undergroundUS

Top Targeted Countries

United States6
Unknown4
South Korea3
Canada3
Taiwan2

Activity

Total victims26
Countries affected12
Last seen