Trinity

Ransomware Group Profile

Overview

Trinity ransomware was first discovered in May 2024, believed to be a rebrand of the Venus/2023Lock variants, using ChaCha20 encryption and double-extortion via a Tor leak site; the US HHS flagged it as a specific threat to the healthcare sector after confirmed attacks on healthcare organizations.

Dark Web Infrastructure (1)
txtggyng5euqkyzl2knbejwpm4rlq575jn2egqldu27osbqytrj6ruyd.onion
Activity Timeline
First Seen2025
Last Seen2025
Leak Sites1
Quick Actions
View All GroupsThreat Actors
Agentic AI · Pentesting

Ready for Agentic Automated Testing?

Deploy autonomous AI agents that reason, exploit, and validate complex vulnerability chains — not another scanner, an agentic system that thinks like a senior pentester.

Zero false positives
PoC for every finding
30+ tools orchestrated
Book a DemoLearn More
Setup in 5 minutesSOC 2 & ISO 27001