APT / THREAT GROUP
Kinsing
4
aliases
Last seen:Mar 17, 2026
Intelligence Profile
This group started operating during the first quarter of 2022. They published samples of alleged stolen data from companies on their site on Tor. It is unclear if they conducted the attacks themselves, or if they bought leaked databases from third parties.
Threat Analysis
Kinsing is a known-sophistication threat actor of undetermined national origin, engaged in cyber operations with a primary motivation of unknown activity patterns.
External References
Quick Facts
TypeAPT / Threat Group
Aliases4
SourceMalpedia
Also Known As
h2minerKinsingMoney Libraelf.kinsing
External Intelligence
Malpedia: elf.kinsingResearch Links
Data sourced from Malpedia, Ransomware.live, RansomLook, and CTIWATCH OSINT collection. Actor attribution is based on available intelligence and may be incomplete.