THREATNOIR
Subscribe
Back to Feed
RansomwareApr 3, 2026

‼️ New Ransomware Group: Krybit krybitxdpxohsmjooeb3gbgpmdddreh6mnflzac6bnezz74b7yje67yd[.]onion...

New ransomware group Krybit emerges with multiple Tor infrastructure.

Read at source

Summary

A previously unknown ransomware group called Krybit has been identified operating with multiple Tor-based command and control domains. The group's infrastructure suggests active operations, though specific victims or campaign details are not yet publicly disclosed. This represents an emerging threat that security teams should monitor for potential targeting.

Indicators of Compromise

  • domain — krybitxdpxohsmjooeb3gbgpmdddreh6mnflzac6bnezz74b7yje67yd.onion
  • domain — krybitx3fh5krdnhegyp2ob3lhizsaiadturtio3ginf7it5gsdgu2yd.onion
  • domain — krybitqsdzwmhnitvwuhvsntfgf2wrhxveyxroxpc44c6gkft2cqldyd.onion

Entities

Krybit (threat_actor)