Incransom

Reports
48
First seen
May 12
Last seen
Jun 26
Motivation
extortion, financial, financial extortion

Targeting

Sectors
manufacturing ×12professional services ×6healthcare ×3financial services ×2other ×2technology ×2agriculture ×2media entertainment ×1
Victim regions
United States ×17Spain ×2Germany ×1Czechia ×1Türkiye ×1Switzerland ×1Romania ×1Australia ×1

Top ATT&CK techniques

T1005 Data from Local System ×2T1486 Data Encrypted for Impact ×2T1041 Exfiltration Over C2 Channel ×2T1110 Brute Force ×1T1078 Valid Accounts ×1T1021 Remote Services ×1T1567 Exfiltration Over Web Service ×1T1003 OS Credential Dumping ×1T1190 Exploit Public-Facing Application ×1

Indicators

domain ×77ip_v4 ×43url ×3hash_md5 ×2hash_sha1 ×1email ×1cve ×1

Indicator values are available on Pro and via the API.

Associated CVEs

Recent reports

High

Incransom claims new victim: callhorton.com

ransomware.live
High

Incransom publishes johndufourlaw.com as new victim

ransomware.live
High

Incransom ransomware gang publishes The Swanson Law Group as victim

ransomware.live
High

Incransom publishes Life Bridges as ransomware victim

ransomware.live
High

Incransom claims GSP Crop Science Pvt victim on ransomware.live

ransomware.live
High

Incransom publishes horizoneye.com as ransomware victim

ransomware.live
High

Incransom publishes Belpointe Asset Management as ransomware victim

ransomware.live
Medium

Incransom publishes jktornel as ransomware victim

ransomware.live
High

Incransom publishes Newspaper Media Group as ransomware victim

ransomware.live
Critical

Incransom claims breach of Horizon Family Medical Group, 7TB exfiltrated

ransomware.live
High

Incransom publishes NEUWOGES (Neubrandenburger Wohnungsgesellschaft) as ransomware victim

ransomware.live
High

Incransom claims Jasper Plastics Solutions in ransomware extortion

ransomware.live
High

Incransom claims Framesi Professional as new victim

ransomware.live
High

Incransom publishes Smith and Associates CPA as ransomware victim

ransomware.live
High

Incransom claims Kewaunee Scientific victim on ransomware.live

ransomware.live
High

Incransom claims Signazon USA printing company as ransomware victim

ransomware.live
Medium

Incransom publishes DISCOLABINDU as ransomware victim

ransomware.live
High

Incransom publishes fineconsulting as new victim

ransomware.live
High

Incransom publishes FIZA, Czech auditing firm, as ransomware victim

ransomware.live
High

Incransom publishes kelmreuter.com as new victim

ransomware.live
High

Incransom publishes O'Brien Engineering as ransomware victim

ransomware.live
High

Incransom publishes Stuga Machinery as victim on ransomware.live

ransomware.live
Medium

Incransom publishes new victim: pdcbodynits

ransomware.live
High

Incransom claims new victim: CUSTOMSIGN

ransomware.live
High

Incransom publishes Colina Financial Advisors as ransomware victim

ransomware.live
High

Incransom claims breach of Öztuğ Otomotiv, Turkish automotive supplier

ransomware.live
Medium

Incransom claims victim: trrac.net

ransomware.live
High

Incransom publishes Bradley law firm as ransomware victim

ransomware.live
High

Incransom publishes Champaign-Urbana Public Health District as ransomware victim

ransomware.live
High

Incransom publishes Labexpress and Garonit Pharma breach: 200 GB exfiltrated

ransomware.live

This page shows data on a 7-day delay. Free accounts get the full delayed feed; real-time reports, indicators, and the API start at $29/mo.