TIARAS - donutleaks

Threat Actor Profile

Medium Cybercriminal
Confidence Score

100%
First Seen

Unknown
Last Updated

Unknown
Active Status

Active
Created

April 29, 2026
Indicators of Compromise

Loading IOCs…
IOC KQL for Sentinel

STIX Data

{'added_date': None,
 'client': '2003264@sit.singaporetech.edu.sg',
 'description': None,
 'firstseen': '2022-08-24T19:44:18.469151+00:00',
 'group': 'donutleaks',
 'has_negotiations': False,
 'has_ransomnote': False,
 'lastseen': '2024-07-24T14:38:56.328335+00:00',
 'locations': [{'available': False,
                'fqdn': 'sbc2zv2qnz5vubwtx3aobfpkeao6l4igjegm3xx7tk5suqhjkp5jxtqd.onion',
                'slug': 'http://sbc2zv2qnz5vubwtx3aobfpkeao6l4igjegm3xx7tk5suqhjkp5jxtqd.onion/',
                'title': '',
                'type': 'DLS'},
               {'available': False,
                'fqdn': 'qkbbaxiuqqcqb5nox4np4qjcniy2q6m7yeluvj7n5i5dn7pgpcwxwfid.onion',
                'slug': 'https://qkbbaxiuqqcqb5nox4np4qjcniy2q6m7yeluvj7n5i5dn7pgpcwxwfid.onion',
                'title': '_D0#Nut::__chat',
                'type': 'DLS'},
               {'available': False,
                'fqdn': 'doq32rjiuomfghm5a4lyf3lwwakt2774tkv4ppsos6ueo5mhx7662gid.onion',
                'slug': 'https://doq32rjiuomfghm5a4lyf3lwwakt2774tkv4ppsos6ueo5mhx7662gid.onion',
                'title': '_d0nut.::Files_',
                'type': 'Files'},
               {'available': False,
                'fqdn': 'dk4mkfzqai6ure62oukzgtypedmwlfq57yj2fube7j5wsoi6tuia7nyd.onion',
                'slug': 'http://dk4mkfzqai6ure62oukzgtypedmwlfq57yj2fube7j5wsoi6tuia7nyd.onion',
                'title': 'Index of /',
                'type': 'DLS'}],
 'negotiation_count': 0,
 'ransomnotes_count': 0,
 'tiaras_metadata': {'has_negotiations': False,
                     'has_ransomnote': False,
                     'locations': [{'available': False,
                                    'fqdn': 'sbc2zv2qnz5vubwtx3aobfpkeao6l4igjegm3xx7tk5suqhjkp5jxtqd.onion',
                                    'slug': 'http://sbc2zv2qnz5vubwtx3aobfpkeao6l4igjegm3xx7tk5suqhjkp5jxtqd.onion/',
                                    'title': '',
                                    'type': 'DLS'},
                                   {'available': False,
                                    'fqdn': 'qkbbaxiuqqcqb5nox4np4qjcniy2q6m7yeluvj7n5i5dn7pgpcwxwfid.onion',
                                    'slug': 'https://qkbbaxiuqqcqb5nox4np4qjcniy2q6m7yeluvj7n5i5dn7pgpcwxwfid.onion',
                                    'title': '_D0#Nut::__chat',
                                    'type': 'DLS'},
                                   {'available': False,
                                    'fqdn': 'doq32rjiuomfghm5a4lyf3lwwakt2774tkv4ppsos6ueo5mhx7662gid.onion',
                                    'slug': 'https://doq32rjiuomfghm5a4lyf3lwwakt2774tkv4ppsos6ueo5mhx7662gid.onion',
                                    'title': '_d0nut.::Files_',
                                    'type': 'Files'},
                                   {'available': False,
                                    'fqdn': 'dk4mkfzqai6ure62oukzgtypedmwlfq57yj2fube7j5wsoi6tuia7nyd.onion',
                                    'slug': 'http://dk4mkfzqai6ure62oukzgtypedmwlfq57yj2fube7j5wsoi6tuia7nyd.onion',
                                    'title': 'Index of /',
                                    'type': 'DLS'}],
                     'negotiation_count': 0,
                     'ransomnotes_count': 0,
                     'ransomware_live_group': 'donutleaks',
                     'tools': {},
                     'url': 'https://www.ransomware.live/group/donutleaks',
                     'victims': 42,
                     'vulnerabilities': []},
 'tiaras_source': 'ransomware.live',
 'tools': {},
 'ttps': [],
 'url': 'https://www.ransomware.live/group/donutleaks',
 'victims': 42,
 'vulnerabilities': []}
Threat Actor Profile

Confidence Score

Tags

First Seen

Last Updated

Active Status

Created

Indicators of Compromise

IOC KQL for Sentinel

STIX Data

Quick Actions

Please wait…
