← Back to Actors
INC Ransom
INC RansomGOLD IONIC
[INC Ransom](https://attack.mitre.org/groups/G1032) is a ransomware and data extortion threat group associated with the deployment of [INC Ransomware](https://attack.mitre.org/software/S1139) that has been active since at least July 2023. [INC Ransom](https://attack.mitre.org/groups/G1032) has targeted organizations worldwide most commonly in the industrial, healthcare, and education sectors in the US and Europe.(Citation: Bleeping Computer INC Ransomware March 2024)(Citation: Cybereason INC Ransomware November 2023)(Citation: Secureworks GOLD IONIC April 2024)(Citation: SentinelOne INC Ranso...
26
Techniques
26
Covered
0
Gaps
100%
Coverage
Coverage26/26
COVERED (26)
T1021.001Remote Desktop Protocol53 det.T1036.005Match Legitimate Resource Name or Location45 det.T1046Network Service Discovery51 det.T1047Windows Management Instrumentation88 det.T1049System Network Connections Discovery22 det.T1059.003Windows Command Shell83 det.T1069.002Domain Groups44 det.T1070.004File Deletion43 det.T1071Application Layer Protocol112 det.T1074Data Staged12 det.T1078Valid Accounts297 det.T1087.002Domain Account57 det.T1105Ingress Tool Transfer184 det.T1135Network Share Discovery20 det.T1190Exploit Public-Facing Application227 det.T1219Remote Access Tools42 det.T1486Data Encrypted for Impact374 det.T1537Transfer Data to Cloud Account27 det.T1560.001Archive via Utility26 det.T1562.001Disable or Modify Tools316 det.T1566Phishing1100 det.T1569.002Service Execution64 det.T1570Lateral Tool Transfer23 det.T1588.002Tool13 det.T1657Financial Theft15 det.T1685Disable or Modify Tools279 det.