kazu
3 incidentes
2 paises
3 sectores
ransomware RU Ultimo: 2026-06-25
Kazu is a financially motivated ransomware group that emerged in early to mid-2025, operating a double extortion model by exfiltrating sensitive data prior to encrypting files and demanding payment. The group primarily targets government agencies, public-sector institutions, healthcare providers, and financial services organizations globally, with a notable focus on Latin America, Southeast Asia, and the Middle East. Kazu distinguishes itself by consistently leveraging dark web leak sites and social media channels to announce victims and pressure them into paying ransoms, frequently posting proof of stolen data from compromised entities.
RansomLook pivots
Data, inteligencia y referencias externas para contrastar actividad ransomware del actor.
TTPs observadas
Paises afectados
Paises objetivo (SOCRadar)
United Arab Emirates
ArgentinaBolivia, Plurinational State of
Canada
Switzerland
Colombia
Costa Rica
Spain
France
United KingdomSectores atacados
Technology (1)
Business Services (1)
Healthcare (1)
Sectores objetivo (SOCRadar)
Construction of BuildingsOther Information ServicesSoftware PublishersHospitalsConstructionPublic AdministrationEducational ServicesSpace & DefenseEnergy & Utilities Insurance
URLs nuevas detectadas en IntelTracker
Victimas (2)
zHealthEHR -- Practice Management Software for Chiropractic & Wellness Clinics26 Jan 2026
Ransomware 
United States Technology
United States Technology Resumen Se reporta un ataque de ransomware contra la plataforma zHealthEHR, una solución de gestión de prácticas para clínicas de fisioterapia y biene…
MyVete12 Jan 2026
Ransomware Spain Business Services
Spain Business Services Resumen MyVete, un software de gestión para clínicas veterinarias, fue objeto de un ataque de ransomware atribuido al grupo kazu. El incidente ocurrió…