Live Latest activity →
SI

sinobi

Known ransomware group
Dormant / low-volume

Sinobi is a private vetted-affiliate RaaS group that emerged in mid-2025, believed to be a rebrand of the Lynx/INC ransomware lineage, claiming 176 victims by end of 2025 through double-extortion attacks primarily against mid-market US organizations via compromised SonicWall VPN credentials.

1

Total Claims

1

Critical

Records Claimed

1

Industries Hit

Active span: May 5, 2026 – May 5, 2026 · 1 organizations targeted

Dormant / low-volume
Activity 1.9 Severity 10.0 Sectors 2.3 Tooling 2.0

Actor Threat Profile

Activity Timeline

Peak: May 2026 (1)
May 2026
LessMore
May 2026

Share this profile

Shareable intel card for sinobi

Top Targeted Industries

Healthcare 1

Tradecraft & Infrastructure

0

Documented tools

7 / 10

MITRE tactics / techniques

8

Known leak sites

Full intelligence profile on ransomware.live →

Targeted Organizations

Neurotrials Research Inc

Claims by sinobi

Critical

Ransomware Claim: Neurotrials Research Inc

Neurotrials Research Inc
sinobi
Ransomware Healthcare
May 9, 2026

Never Miss a Critical Alert

CVE advisories, breach reports, and threat intel — delivered daily to your inbox.