Kyber

Ransomware Group Profile

Overview

Kyber is a recently identified ransomware group using sophisticated hybrid encryption (AES-256-CTR with X25519 and Kyber1024), operating Tor-based communication channels and employing double-extortion with free partial decryption offered to build negotiation trust, discovered through underground forum monitoring in 2025.

Dark Web Infrastructure (3)
kyblogtz6k3jtxnjjvluee5ec4g3zcnvyvbgsnq5thumphmqidkt7xid.onion
mlnmlnnrdhcaddwll4zqvfd2vyqsgtgj473gjoehwna2v4sizdukheyd.onion
tp7e2ekeoqqozyq2t3oy53tzbybvg6ehtinc7kjowtpvbkssprkdmuid.onion
Activity Timeline
First Seen2026
Last Seen2026
Leak Sites3
Quick Actions
View All GroupsThreat Actors
Agentic AI · Pentesting

Ready for Agentic Automated Testing?

Deploy autonomous AI agents that reason, exploit, and validate complex vulnerability chains — not another scanner, an agentic system that thinks like a senior pentester.

Zero false positives
PoC for every finding
30+ tools orchestrated
Book a DemoLearn More
Setup in 5 minutesSOC 2 & ISO 27001