Ransomware Intelligence

cmdorganization Ransomware Group

Ransomware group profile

2Victims
70Impact score

Description

CMD Organization is a new ransomware group that surfaced in May 2026, claiming to be an IT security firm while engaging in ransomware activities. Their unique auction-based extortion model incentivizes financial gain through public listings of stolen data, setting them apart from traditional groups.

Key insights

  • Utilizes an auction-based extortion model to maximize ransom payments.
  • Exploits vulnerabilities in public-facing applications for initial access.
  • Focuses on data extraction from information repositories.
  • Employs tactics like double extortion and public data leaks on dark web platforms.
  • Operates using a combination of onion sites and clearnet domains.

Threat Level & Status Breakdown

For cmdorganization · Based on incidents in selected period

4.7threat level
Aggressiveness9/ 10
Lethality0/ 10
Criticality5/ 10
First seenMay 2026
Last seenMay 2026
Avg ransom
Payment rate
Statusactive
Sophistication0
Last updatedJul 14, 2026

Recent activity

Monthly attack count for cmdorganization in the selected period

2Total attacks
2peak in May
2avg / month
May00.511.52

No intelligence data for this group.

TTPs & Attack Vectors

Tools, initial access, and MITRE ATT&CK techniques for cmdorganization

Collection

T1213

Data from Information Repositories

T1071

Application Layer Protocol

Defense Evasion

T1562

Impair Defenses

Execution

T1059

Command and Scripting Interpreter

Impact

T1486

Data Encrypted for Impact

T1490

Inhibit System Recovery

Lateral Movement

T1021

Remote Services

Other

T1190

T1190

T1041

T1041

T1037

T1037

Persistence

T1078

Valid Accounts

T1547

Boot or Logon Autostart Execution

Victims(38)

CompanyDomainCountryIndustryStatusDiscovered
Target Energy Solutionstarget-energysolutions.comUS United StatesEnergy & Utilities
Unknown
1 day ago
Els for Autismelsforautism.orgUS United StatesHealthcare
Unknown
3 days ago
Golden Star Resourcesgsr.comGH GhanaEnergy & Utilities
Unknown
4 days ago
Finance Yorkshirefinance-yorkshire.comGB United KingdomFinancial Services
Unknown
6 days ago
Mount Royal UniversityCA CanadaEducation
Unknown
8 days ago
Medlink Georgiamedlinkga.orgGE GeorgiaHealthcare
Unknown
16 days ago
Port Angeles Compositepacomposite.comUS United StatesManufacturing
Unknown
16 days ago
Lørenskog kommunelorenskog.kommune.noNO NorwayGovernment & Defense
Unknown
16 days ago
METCO Services, Metco Southeastmetcoservices.comUS United StatesProfessional Services
Unknown
16 days ago
Fidelity Security Groupfidelitysecurity.coCO ColombiaFinancial Services
Unknown
17 days ago
Kohinoor Millskohinoormills.comIN IndiaManufacturing
Unknown
20 days ago
Coldstat Refrigerationcoldstat.comGB United KingdomOther
Unknown
22 days ago
EON Meditech Pvteonmeditech.comIN IndiaHealthcare
Unknown
23 days ago
Union Tractoruniontractor.comUS United StatesOther
Unknown
23 days ago
Wall ISDwallisd.netUS United StatesEducation
Unknown
24 days ago
Pinnacle Re-Tecpinnacleretec.comUS United StatesProfessional Services
Unknown
25 days ago
Southern design RVsoutherndesignrv.com.auAU AustraliaRetail & E-Commerce
Unknown
25 days ago
New FACOM Co., Ltd.s-facom.jpJP JapanManufacturing
Unknown
about 1 month ago
SeeWriteHearseewritehear.comGB United KingdomTechnology
Unknown
about 1 month ago
Lake Washington School Districtlwsd.wednet.eduUS United StatesEducation
Unknown
about 2 months ago

Page 1 of 2