Threat Actor Profile
Low
Cybercriminal
Description
New possible leak site posted to a forum on November 20th, 2022, no victims at present. Unclear if its for a ransomware or extortion group
Confidence Score
Tags
ransomware
ransomware.live
First Seen
Unknown
Last Updated
Unknown
Active Status
ActiveCreated
April 29, 2026
Indicators of Compromise
Loading IOCs…
IOC KQL for Sentinel
STIX Data
{'added_date': None,
'client': '2003264@sit.singaporetech.edu.sg',
'description': 'New possible leak site posted to a forum on November 20th, '
'2022, no victims at present. Unclear if its for a ransomware '
'or extortion group',
'firstseen': None,
'group': 'fsteam',
'has_negotiations': False,
'has_ransomnote': False,
'lastseen': None,
'locations': [{'available': False,
'fqdn': 'hkk62og3s2tce2gipcdxg3m27z4b62mrmml6ugctzdxs25o26q3a4mid.onion',
'slug': 'http://hkk62og3s2tce2gipcdxg3m27z4b62mrmml6ugctzdxs25o26q3a4mid.onion',
'title': 'Home',
'type': 'DLS'}],
'negotiation_count': 0,
'ransomnotes_count': 0,
'tiaras_metadata': {'has_negotiations': False,
'has_ransomnote': False,
'locations': [{'available': False,
'fqdn': 'hkk62og3s2tce2gipcdxg3m27z4b62mrmml6ugctzdxs25o26q3a4mid.onion',
'slug': 'http://hkk62og3s2tce2gipcdxg3m27z4b62mrmml6ugctzdxs25o26q3a4mid.onion',
'title': 'Home',
'type': 'DLS'}],
'negotiation_count': 0,
'ransomnotes_count': 0,
'ransomware_live_group': 'fsteam',
'tools': {},
'url': 'https://www.ransomware.live/group/fsteam',
'victims': 0,
'vulnerabilities': []},
'tiaras_source': 'ransomware.live',
'tools': {},
'ttps': [],
'url': 'https://www.ransomware.live/group/fsteam',
'victims': 0,
'vulnerabilities': []}