← Back to Actors
INC Ransom
INC RansomGOLD IONIC
[INC Ransom](https://attack.mitre.org/groups/G1032) is a ransomware and data extortion threat group associated with the deployment of [INC Ransomware](https://attack.mitre.org/software/S1139) that has been active since at least July 2023. [INC Ransom](https://attack.mitre.org/groups/G1032) has targeted organizations worldwide most commonly in the industrial, healthcare, and education sectors in the US and Europe.(Citation: Bleeping Computer INC Ransomware March 2024)(Citation: Cybereason INC Ransomware November 2023)(Citation: Secureworks GOLD IONIC April 2024)(Citation: SentinelOne INC Ranso...
26
Techniques
26
Covered
0
Gaps
100%
Coverage
Coverage26/26
COVERED (26)
T1021.001Remote Desktop Protocol53 det.T1036.005Match Legitimate Resource Name or Location44 det.T1046Network Service Discovery51 det.T1047Windows Management Instrumentation87 det.T1049System Network Connections Discovery22 det.T1059.003Windows Command Shell82 det.T1069.002Domain Groups44 det.T1070.004File Deletion42 det.T1071Application Layer Protocol104 det.T1074Data Staged12 det.T1078Valid Accounts280 det.T1087.002Domain Account57 det.T1105Ingress Tool Transfer183 det.T1135Network Share Discovery20 det.T1190Exploit Public-Facing Application216 det.T1219Remote Access Tools40 det.T1486Data Encrypted for Impact360 det.T1537Transfer Data to Cloud Account26 det.T1560.001Archive via Utility26 det.T1562.001Disable or Modify Tools311 det.T1566Phishing996 det.T1569.002Service Execution64 det.T1570Lateral Tool Transfer22 det.T1588.002Tool13 det.T1657Financial Theft14 det.T1685Disable or Modify Tools278 det.