Threat Actor Profile
Medium
Cybercriminal
Description
⚠️ The group appears unreliable. Most, if not all, of its alleged victims cannot be verified. WE HAVE DECIDED TO REMOVE ENTRIES FOR THIS GROUP
Confidence Score
Tags
ransomware
ransomware.live
First Seen
Unknown
Last Updated
Unknown
Active Status
ActiveCreated
April 29, 2026
Indicators of Compromise
Loading IOCs…
IOC KQL for Sentinel
STIX Data
{'added_date': '2026-03-21',
'client': '2003264@sit.singaporetech.edu.sg',
'description': '⚠️ The group appears unreliable. Most, if not all, of its '
'alleged victims cannot be verified. WE HAVE DECIDED TO REMOVE '
'ENTRIES FOR THIS GROUP',
'firstseen': '2023-03-27T17:17:04.302562+00:00',
'group': 'ALP-001',
'has_negotiations': True,
'has_ransomnote': False,
'lastseen': '2026-04-08T18:46:56.896240+00:00',
'locations': [{'available': False,
'fqdn': 'b4riuxx7ypobdptctf6lyfcvgi6vn74iurzdh4kn2agbk7472dvywgyd.onion',
'slug': 'http://b4riuxx7ypobdptctf6lyfcvgi6vn74iurzdh4kn2agbk7472dvywgyd.onion',
'title': 'ALP-001',
'type': 'DLS'}],
'negotiation_count': 1,
'ransomnotes_count': 0,
'tiaras_metadata': {'has_negotiations': True,
'has_ransomnote': False,
'locations': [{'available': False,
'fqdn': 'b4riuxx7ypobdptctf6lyfcvgi6vn74iurzdh4kn2agbk7472dvywgyd.onion',
'slug': 'http://b4riuxx7ypobdptctf6lyfcvgi6vn74iurzdh4kn2agbk7472dvywgyd.onion',
'title': 'ALP-001',
'type': 'DLS'}],
'negotiation_count': 1,
'ransomnotes_count': 0,
'ransomware_live_group': 'alp-001',
'tools': {},
'url': 'https://www.ransomware.live/group/alp-001',
'victims': 17,
'vulnerabilities': []},
'tiaras_source': 'ransomware.live',
'tools': {},
'ttps': [],
'url': 'https://www.ransomware.live/group/alp-001',
'victims': 17,
'vulnerabilities': []}