KazuKazu

Profile

Kazu is a financially motivated ransomware group known for employing a double extortion model, targeting sectors such as healthcare and government. The group has claimed responsibility for multiple high-profile breaches, including those of Manage My Health and the Defensoría del Pueblo de Colombia, exfiltrating sensitive data through techniques like exploiting unpatched vulnerabilities and credential reuse. Kazu has demanded ransoms ranging from $60,000 to $500,000, threatening public disclosure of stolen data if payments are not made. Their operations have primarily focused on entities in Latin America, Asia, and the Middle East, with a notable presence on dark web leak sites.

References

  1. https://www.cyfirma.com/research/cyber-threat-landscape-report-united-arab-emirates-uae/
  2. https://botcrawl.com/national-civil-service-commission-of-colombia-data-breach/
  3. https://www.hipaajournal.com/doctor-alliance-data-breach-claim/
  4. https://databreaches.net/2025/11/18/from-bad-to-worse-doctor-alliance-hacked-again-by-same-threat-actor/
  5. https://botcrawl.com/saudi-icon-data-breach/

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

Actor
Kairos
Software
Daixin
Actor
Daixin Team
Actor
Karakurt
Actor
Water Bakunawa
Software
Hotarus
Sourced from MISP-Galaxy Threat Actor cluster. Curated by Adam Lundqvist, Founder at SQUR.