Threat actor · all actors
INC RansomG1032 unknown
aka INC Ransom, GOLD IONIC
Last updated: 2026-07-03
0attributed CVEs
34ATT&CK techniques
0.0IDF score (tooling uniqueness)
0exclusive CVEs
—years active
About this actor
[INC Ransom](https://attack.mitre.org/groups/G1032) is a ransomware and data extortion threat group associated with the deployment of [INC Ransomware](https://attack.mitre.org/software/S1139) that has been active since at least July 2023. [INC Ransom](https://attack.mitre.org/groups/G1032) has targeted organizations worldwide most commonly in the industrial, healthcare, and education sectors in the US and Europe.(Citation: Bleeping Computer INC Ransomware March 2024)(Citation: Cybereason INC Ransomware November 2023)(Citation: Secureworks GOLD IONIC April 2024)(Citation: SentinelOne INC Ransomware)
Source: MITRE ATT&CK
Activity timeline
No activity events recorded.
Profile
| CVE | Risk | CVSS | EPSS | Published | Products |
|---|---|---|---|---|---|
| No attributed CVEs. | |||||
Mitigating controls (NIST 800-53)
| Control | Techniques covered | Coverage |
|---|---|---|
SI-4 | 26 / 34 | 76% |
CM-6 | 23 / 34 | 68% |
CM-2 | 20 / 34 | 59% |
CM-7 | 20 / 34 | 59% |
SI-3 | 19 / 34 | 56% |
AC-3 | 17 / 34 | 50% |
AC-6 | 16 / 34 | 47% |
CA-7 | 16 / 34 | 47% |
AC-2 | 15 / 34 | 44% |
AC-5 | 12 / 34 | 35% |
SC-7 | 12 / 34 | 35% |
SI-7 | 12 / 34 | 35% |
CM-5 | 10 / 34 | 29% |
IA-2 | 10 / 34 | 29% |
RA-5 | 10 / 34 | 29% |
Co-occurring actors
None.
Similar actors
Similar TTPs
- C0018 0.33
- HomeLand Justice 0.32
- ToddyCat 0.31
- Chimera 0.30
- BlackByte 0.30