← Back to Actors
INC Ransom
INC RansomGOLD IONIC
[INC Ransom](https://attack.mitre.org/groups/G1032) is a ransomware and data extortion threat group associated with the deployment of [INC Ransomware](https://attack.mitre.org/software/S1139) that has been active since at least July 2023. [INC Ransom](https://attack.mitre.org/groups/G1032) has targeted organizations worldwide most commonly in the industrial, healthcare, and education sectors in the US and Europe.(Citation: Bleeping Computer INC Ransomware March 2024)(Citation: Cybereason INC Ransomware November 2023)(Citation: Secureworks GOLD IONIC April 2024)(Citation: SentinelOne INC Ranso...
25
Techniques
25
Covered
0
Gaps
100%
Coverage
Coverage25/25
COVERED (25)
T1021.001Remote Desktop Protocol51 det.T1036.005Match Legitimate Resource Name or Location44 det.T1046Network Service Discovery49 det.T1047Windows Management Instrumentation85 det.T1049System Network Connections Discovery21 det.T1059.003Windows Command Shell79 det.T1069.002Domain Groups42 det.T1070.004File Deletion40 det.T1071Application Layer Protocol100 det.T1074Data Staged12 det.T1078Valid Accounts252 det.T1087.002Domain Account55 det.T1105Ingress Tool Transfer170 det.T1135Network Share Discovery16 det.T1190Exploit Public-Facing Application208 det.T1219Remote Access Tools33 det.T1486Data Encrypted for Impact339 det.T1537Transfer Data to Cloud Account26 det.T1560.001Archive via Utility24 det.T1562.001Disable or Modify Tools300 det.T1566Phishing920 det.T1569.002Service Execution63 det.T1570Lateral Tool Transfer20 det.T1588.002Tool13 det.T1657Financial Theft12 det.