APT / THREAT GROUP

Kinsing

4
aliases
Last seen:Mar 17, 2026

Intelligence Profile

This group started operating during the first quarter of 2022. They published samples of alleged stolen data from companies on their site on Tor. It is unclear if they conducted the attacks themselves, or if they bought leaked databases from third parties.

Threat Analysis

Kinsing is a known-sophistication threat actor of undetermined national origin, engaged in cyber operations with a primary motivation of unknown activity patterns.

External References

Quick Facts

TypeAPT / Threat Group
Aliases4
SourceMalpedia

Also Known As

h2minerKinsingMoney Libraelf.kinsing

External Intelligence

Malpedia: elf.kinsing

Research Links

Data sourced from Malpedia, Ransomware.live, RansomLook, and CTIWATCH OSINT collection. Actor attribution is based on available intelligence and may be incomplete.