Cyber Threat Report: 'GOLD IONIC DEPLOYS INC RANSOMWARE'
| Report Author | Secureworks |
|---|---|
| Publication Date | 2024-04-15 |
| Original Reporting | Source |
| Related Intrusion Sets | INC Ransomware Group , GOLD IONIC |
| Identified CVEs | CVE-2023-4966 |
| Victim Sectors | Technology, Manufacturing, Healthcare, Education |
This blog post from Secureworks describes the intrusion set they track as GOLD IONIC, also known as INC Ransom Group. The post outlines GOLD IONIC behaviour and victimology, identifying the actor as a closed group rather than operating a ransomware-as-a-service offering and working with affiliates. Secureworks have identified 72 victims on the GOLD IONIC Tor leak site between August 2023 and March 2024. Most victims were US based with top sectors targeted including industrial, healthcare and education.
Cyber Threat Graph Context
Explore how this report relates to the wider threat graph