hacker-news · Crawled Jul 5, 2026

U.S. Government Entity Paid Kairos $1 Million in Data-Theft Extortion Case

1 IoCs 1 Actors
Read original article ↗

AI Summary

A U.S. government entity, likely Union County, Ohio, paid approximately $1 million to a threat actor named Kairos following a data theft extortion incident. Unlike traditional ransomware attacks, Kairos did not encrypt systems but instead exfiltrated sensitive data—including files from the prosecutor's office—and threatened to leak it unless paid. The attack highlights a growing trend of pure data-theft extortion, where the leverage is the threat of public data disclosure rather than encryption. The payment of 9.44 BTC was traced through blockchain to exchanges including Bybit, OKX, and the Russian service BELQI, but no confirmation of data deletion was verifiable.

AI-extracted · verify before operational use

Extracted Entities 1 found

Indicators of Compromise 1 extracted

Type Value Detail
Domain temp.sh Details →

MITRE ATT&CK TTPs 4 techniques