alphv attacks Jinko Solar

Incident Date:

February 25, 2022

World map



alphv attacks Jinko Solar


Jinko Solar




Islamabad, Pakistan

Punjab, Pakistan

First Reported

February 25, 2022

Jinko Solar Suffers Ransomware Attack by Alphv Group

Company Overview

Jinko Solar is a global leader in the solar industry, with a strong presence in the United States, Europe, and Australia. The company has been recognized as one of the top ten solar companies in China by SolarStar, an online media platform covering the solar industry.

Company Size and Vulnerabilities

Jinko Solar is a significant player in the solar energy market, with a market capitalization of over $10 billion. Despite its size and industry recognition, the company has faced legal challenges in the past, including a shareholder class action lawsuit in 2011. These legal issues may have left the company vulnerable to cyber attacks, as they often distract management and divert resources from cybersecurity efforts.

Industry Standout

Jinko Solar stands out in the solar industry for its global reach and commitment to innovation. The company has been recognized for its contributions to the solar sector and has a strong reputation in the market.

Ransomware Attack

The Alphv ransomware group has claimed responsibility for the attack on Jinko Solar. The group is known for its fast-moving operations, with a sample of the ransomware being created on February 13, 2023, and shared on VirusTotal on February 21, 2023. The attack on Jinko Solar is part of a broader trend of ransomware attacks on businesses, with 71% of organizations worldwide experiencing at least one ransomware attack in 2022.

The ransomware attack on Jinko Solar highlights the ongoing threat of cyber attacks on businesses, particularly those in the Energy, Utilities & Waste sector. Despite the company's size and industry recognition, it was still vulnerable to a ransomware attack. This incident underscores the importance of robust cybersecurity measures and the need for companies to remain vigilant against cyber threats.


Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.