KelvinSecurity is a team described in the source as hacktivist and "grey hat." Kaspersky reported constant activity from the KelvinSecurity team since at least 2015. The group has been observed selling and leaking databases, documents, and access belonging to entities worldwide. No additional high-confidence attribution, victimology breakdown, sub-groups, or specific TTP details are directly provided in the supplied content. Known alias in the provided content: kelvinsecurity.
Mallory correlates actor tradecraft and target patterns against your stack, your sector, and your geography. See overlap before they land.
1 sources tracked across advisories, community write-ups, and news. New activity surfaces here as Mallory finds it.
Match sector + geo + tech-stack targeting against your real footprint.
Every observed MITRE ATT&CK technique, grouped by tactic.
Families this actor is known to deploy, with IOCs and behavior.
CVEs this actor has used in known campaigns.
YARA, Sigma, Snort, and vendor rules, auto-deployed to your SIEM.
Domains, IPs, and hashes tied to this actor, refreshed continuously.