Disclaimer — no legal advice. The information on this map is provided for general informational purposes only and does not constitute legal advice. Laws and regulations change frequently; always verify with a qualified legal counsel in the relevant jurisdiction before making any decision.
Sanctions and designated entities. This tool does not address, and expressly excludes from its scope, any payment made to a threat actor, group, or entity that is the subject of economic sanctions, asset-freeze measures, or similar restrictive designations issued by any competent authority (including, without limitation, the U.S. Office of Foreign Assets Control (OFAC), the EU, the UN Security Council, or equivalent national bodies). Regardless of the general legal status of ransom payments in a given jurisdiction, making any payment — directly or indirectly — to a sanctioned individual, group, or state-affiliated actor may constitute a strict-liability violation of applicable sanctions law, irrespective of knowledge or intent. Users are solely responsible for conducting their own sanctions screening prior to any payment.
The authors make no representations or warranties of any kind, express or implied, as to the accuracy, completeness, or timeliness of the data presented. Reliance on any information on this site is solely at your own risk.
This tool is maintained by ransomware.live as a community resource. The original concept is based on rkovar/ransomwarelegality.
Last reviewed: June 2026
Click any country on the map to see whether paying a ransomware demand is legal in that jurisdiction, along with official citations and reporting requirements.
Disclaimer: This is not legal advice. Laws change. Always consult qualified local legal counsel before making any decisions about ransomware payments.