Threat Group Profile
kairos
Dormant / historical
Victim claims
12
First seen
Apr 2026
Last activity
29 May 2026
Tracked since
β
Group overview
Kairos is a data extortion group active since late 2024 that focuses solely on data theft with no encryption, primarily targeting small-to-mid-sized organizations in healthcare, manufacturing, and business services in the US, purchasing initial access from brokers and demanding Bitcoin payments.
Preferred targets
Healthcare Β· 3
Public Sector Β· 2
Business Services Β· 2
Consumer Services Β· 2
Construction Β· 1
Transportation/Logistics Β· 1
Most targeted countries
US Β· 5
AU Β· 3
FR Β· 1
DE Β· 1
ES Β· 1
DK Β· 1