Trinetra
Trinetra
Cyber Defense
Home / Threat Intel / Group · Incransom
Ransomware · Threat Group Dossier Active · currently disclosing victims

Incransom

Incransom is a ransomware operation with 764 publicly named victims. Double-extortion: data theft, encryption, leak-site shaming.

764
Named victims
165
In 2026
69
Countries hit
17 Apr 2026
Last disclosure

fingerprintDossier

Active since
Tracked on public leak sites
Origin / attribution
Unattributed
Known aliases
None publicly tracked.
Common initial access
Valid credentials, exposed remote services, phishing.
TTPs & tradecraft
Double-extortion: data theft, encryption, leak-site shaming.

publicTop countries hit

United States396
Canada45
Germany35
United Kingdom34
Australia22
France11
Austria10
Italy9

factoryTop sectors targeted

Not Found188
Healthcare102
Technology76
Business Services65
Manufacturing55
Education44
Public Sector30
Government25

historyRecent named victims

Mag. Fünder Hausverwaltungs GmbH
AT · Business Services · 17 Apr 2026
alupco.com
SA · Manufacturing · 17 Apr 2026
treelawoffice.com
US · Business Services · 17 Apr 2026
bgcsnv.org
US · Not Found · 17 Apr 2026
bdac.com.au
AU · Business Services · 12 Apr 2026
Straten & Kollegen
DE · Business Services · 12 Apr 2026
mastercom.com.au
AU · Telecommunication · 11 Apr 2026
morgancountyga.gov
US · Public Sector · 11 Apr 2026
www.campbell.edu
US · Education · 11 Apr 2026
wright-ryan.com
US · Business Services · 10 Apr 2026
martek co ltd.
TW · Manufacturing · 10 Apr 2026
Kannarr Eye Care
US · Healthcare · 10 Apr 2026
rxm.com.au
AU · Healthcare · 08 Apr 2026
pacificwestinjury.com
US · Healthcare · 07 Apr 2026
Community Connections
US · Not Found · 04 Apr 2026

Sourced from open leak-site monitoring · Generated 20 Apr 2026