Lynx v2 Active

INC Ransom derivative
PDF Report Back to Groups
2
Total Victims
2024-11-01
First Seen
2026-03-07
Last Seen
14
Known TTPs
8.1d
Avg Delay
0
Negotiations
ONION URLS
wvuc5gjtn2yay623v4p7vaijnpit7fadryxoxaghj6fhgyjh3ydfapua.onion
cuhwmg3jknmnzwwu5fs3jsutv7k2uj23no77bibaidnammegmrn6rtux.onion
TOOLS
INC source code
FILE EXTENSIONS
.lynx
ACTIVITY TIMELINE
TOP SECTORS
TOP COUNTRIES
ACTIVITY HEATMAP
Date Victim Name Country Sector Status
2026-03-07 Stellar Systems United States Education Published
2026-03-06 American Engineering Japan Non-Profit Published
Technique ID Technique Name Tactic
T1071.001 Web Protocols Command and Control
T1219 Remote Access Software Command and Control
T1003.001 LSASS Memory Credential Access
T1003.003 NTDS Credential Access
T1110.003 Password Spraying Credential Access
T1036.005 Match Legitimate Name or Location Defense Evasion
T1218.011 Rundll32 Defense Evasion
T1562.004 Disable or Modify System Firewall Defense Evasion
T1083 File and Directory Discovery Discovery
T1087 Account Discovery Discovery
T1059.006 Python Execution
T1489 Service Stop Impact
T1133 External Remote Services Initial Access
T1068 Exploitation for Privilege Escalation Privilege Escalation

No YARA rules

No IoCs

No ransom notes