Saudi Icon
Saudi Icon
Group: Kazu
Discovered by ransomware.live: 2025-12-29
Estimated attack date: 2025-12-29
Country:
Data exfiltrated: 4.15 TB
Ransom: $400 000
Description:
Saudi Icon specializes in design and build solutions, offering a holistic approach to construction and turn-key services. The company caters to a diverse clientele, including hotels, workspaces, restaurants, gyms, and healthcare facilities across Saudi Arabia. With a focus on creativity, functionality, and quality construction, Saudi Icon aims to redefine modern living through thoughtful design and tailored services. Their extensive portfolio showcases significant projects, along with a reputation for delivering high-end fit-out solutions and innovative constructions
Compromised Employees: 5
Compromised Users: 0
Third Party Employee Credentials: 27
External Attack Surface: 2
Infostealer Distribution
DNS Records:
The following DNS records were found for the victim's domain.
- ypsgbmhtgr@whoisprivacyprotect.com
- abuse@enom.com
- alt2.aspmx.l.google.com.
- aspmx.l.google.com.
- alt3.aspmx.l.google.com.
- alt4.aspmx.l.google.com.
- alt1.aspmx.l.google.com.
- v=spf1 mx a ip4:184.168.115.221 include:_spf.google.com ~all
- MS=ms88577010
Legal Disclaimer: Ransomware.live does not engage in the acquisition, exfiltration, downloading, possession, hosting, access, consultation, redistribution, or disclosure of unlawfully obtained data. This platform indexes only publicly visible information posted by ransomware operators and open web sources without accessing or obtaining the underlying stolen content. The service is provided to support public awareness, legitimate research, and cyber-resilience. No stolen personal or confidential data is collected or distributed via this site.