Ransomware Intelligence

lynx

Ransomware group profile

149Victims
RussiaSource country
93Impact score
Also Known As
Lynx Locker

Description

Lynx is a ransomware threat group primarily targeting critical infrastructure sectors such as energy, oil, and gas facilities in the United States. Utilizing tactics like phishing and exploiting known vulnerabilities, they employ double extortion methods to demand ransom while threatening to leak sensitive data. Their organized Ransomware-as-a-Service (RaaS) model enhances their operational capabilities through a structured affiliate program.

Key insights

  • Targets critical infrastructure, especially energy, oil, and gas sectors.
  • Employs phishing and exploits vulnerabilities for initial access.
  • Utilizes a Ransomware-as-a-Service model with a structured affiliate program.
  • Implements double extortion tactics by threatening to leak stolen data.
  • Uses advanced encryption methods including AES-128 and Curve25519.
  • Claims to avoid healthcare and government sectors but impacts them nonetheless.

Industries

EducationEnergy & UtilitiesFinancial ServicesGovernment & DefenseHealthcareHospitalityManufacturingOtherProfessional ServicesRetail & E-CommerceTechnologyTransportation

Threat Level & Status Breakdown

For lynx · Based on incidents in selected period

3.5threat level
Aggressiveness8/ 10
Lethality0/ 10
Criticality2.3/ 10

Status Breakdown

Data Leaked0.7%1
Claimed99.3%148
First seenJun 2025
Last seenJun 2026
Avg ransom
Payment rate
Statusactive
Sophistication0
Last updatedJun 23, 2026

Recent activity

Monthly attack count for lynx in the selected period

149Total attacks
26peak in Jan
11.5avg / month
↓ 2 vs first month
JunJulAugSepOctNovDecJanFebMarAprMayJun07142128

Intelligence

IOCs, YARA/Sigma rules, and related families for lynx

  1. 92bd61b94eb6c4e4d8b4f97452822f291a0c7bee75f2a3c753dc6ffea6ea32f6
  2. 6cb54ec004ff8b311e73ef8a8f69b8dd043b7b84c5499f4c6d79d462cea941d8
  3. 4fde7b67da86fdd1587f78254acf9cd6766a7d77
  4. 72231dc69a71f3ac971fa335dc79a04569dd7a09
  5. 5be3191c927141df1de4bd8270bc39e7bd2cfd7a14c6b1ebc97b80c666222892
  6. 0336d6a2348ce826be1f8e4b35bf99c2756cc9efed7be94692beffa13bb0b604
  7. d73bb7e1ccd8f55e885b7a6d0a885e4c08f7ac087c02ed67bd913761f3e1c9c7
  8. aa47802bdf8f0da3f86a4342ba60f48ec07274c725f7d133dbc47acd61a1cb11
  9. 4fef8b3cd13b424b88352f9dce2572d39d09a1bcd7f847a53863c1358c28281b
  10. a26f0a2da63a838161a7d335aaa5e4b314a232acc15dcabdb6f6dbec63cda642
  11. a875f9b3c1f31835b3f70c23a8a1daa06404b82d61887d035731eb13f649c0db
  12. ec5d494f2a6b8dac323887096152bd4851766d4119be1487597a4bcc86f12d36
  13. acce811c4fc2a6e3fddd4231e386f1648ca44f039d2d275316bc0a0fc96e0af4
  14. dd8a0eca78e9411b914b2ca3db3aaf6a45d03a6663caa17f2e2def93011d0867
  15. b175e1d4fe69da0be4db63996a804b204005923aabeedd9c02b615ea04986303
  16. 3490162e614e41b985aa759da2c36eed71da98445d0f57b0f46341ea2615bae2
  17. 5859e72f41ec951f10a188cc7d250b88
  18. cf1a1c9aee2f973048cdc47eb982a89a85c2dbe64edd3f49d9d0e849c6b50b60
  19. dd766c3b2ca6cbea1905751d5c252c0ee75ac70bafdf24b7ab17e5ff0f92bbfd
  20. 15cd13e0cad20394ec1405748e4bd50e3f27313c6274aee098c4eb0ede970b4c
  21. d8edd5305c58df8320a6b54d9c0d531d9a4e249a552e013d99ed04430911b6c4
  22. a83a8eb3b522c4517b8512f7f4e9335485fd5684b8653cde7f3b9b65c432fa81
  23. eb1917034d91f9379603731bcf293251e06dc21aa53b765b6d0316a0bd603f8c
  24. 842f01180f2a021aae47f5c0e6865847985691d28919554c81d01f162afb4e43
  25. c797616e878c1047bcce8ec299117954a26d56986a99e7592a5c61b7046255f1
  26. 1d9c4f86b96ed2393967188b131b7c437d29d77c696377f702e2bdc65a07cf23
  27. 254b7cca40f9e624b21841f60bff0919
  28. 898dde9055fb79d38470939940110aee98a83bbcfa2a0399c870de444540a56e
  29. f5a8ceb27bea2b49cc0c38da3b9007efc12db19e
  30. f19fe4251f62f0509c84bed3950fb07b9f5e84cb
  31. fc64bbc33e755451ba25d13209338bd628d68534d13cbf00992ae0f5fc97ca04
  32. 1531f13142fc0ebfb7b406d99a02ec6441fc9e40725fe2d2ac11119780995cd3
  33. 02e3c74a99cb7ade79eb879ed1513b5ed410eec981ce02bb0a7c2d6d654e0309
  34. 036a60aa2c62c8a9be89a2060e4300476aef1af2fd4d3dd8cac1bb286c520959
  35. be7ce2070d1e5e5dc1e2151b5431667161ccf5689db31566a6b49228da2c95fc
  36. e67260804526323484f564eebeb6c99ed021b960b899ff788aed85bb7a9d75c3
  37. d4f3f8b96ab909e8e4023a8cff4b0a9090c6f1bd01547521312f204777b62480
  38. e6f76a73180b4f2947764f4de57b52d037b482ece1a88dab9d3290e76be8c098
  39. 888d3a76d4a507159ab27eac808da6a9
  40. 7d96c24082eb222236381467545ea57c40fe49c4e208dc8e511ed80243de94e7
  41. 060eb4ce798e9e2470f4a36139c5c03c0bfacf0a611199b056280efc290f5861
  42. ce1438298244aa9085e47871c40dca4944fddf620ffadbb0a6c9158626556376
  43. d8c5600c09b316689c21aba141044efe25d4cadfd7cab61bfe99269f134f45c2
  44. daeba5633a414f92b666607203dcf0fd8bd023d619f4a25908e38837fd9a14bc
  45. 54dff94e2451ba3979c3b58ef4ee2612566f9e4bdca218ec7e24eb7fd11a8018
  46. fb1a21da08c9dc28c1cb855dce893e9c
  47. 0ba46a3bda93f50a567887e2c6df97663bf290352654dbf103236d3f6ab0bfab
  48. aa99338898c90e38e24c0e45ca891e25d468241d4fdba7108773ae1506c8cafb
  49. 338b572e3bd8679b6203b6e71f448485a206381fd097de3489a429b01593d585
  50. e7d68c174f38704d3bd220ce204117f558c60b348f24176b96fd7887602c30c6
  51. 4c15a5914d399a97dce2cf6452b991e5848f1f712397e9ff8381bd5cd3b8c9c0
  52. a573774fe2df9aad7e477cb0dce6cd175066763efc130e16b5438381c9076a6c
  53. fd280e33e84c88e97860930557dba3ff80b1a82d
  54. d0724e2613107953ee2f8e941ca917658bb51f8f6b753a0552f8a407abf2b840
  55. 7916a7366c35d5f6be9e5a114b104865b78ff68c4c4fec2a081c6fcfb6809fd2
  56. 9afe896bfb6dcdf30b18d7f9330212a28358255cc08f7365d18aee2030530483
  57. ed0423939b8ff10a7d61ba17d6377087df86bce043cbb94ba605d6770c5afcde
  58. a7efe6f7ee305427b023e0bd95e1f7de96e16ad36603ed8e01be859188015e63
  59. 667d7bd97fbbf9cb9bc37771040352e16776d7c900c68b14168b3c49a0a3c321
  60. e542c61ac26e366537d89ad2fbd8c5f448d440b4ff2174d10045c02197aa6bce
  61. a6895be42d9987762cf1b4b670c475014fe162c37b7fc6aec7ab816a7ab4078f
  62. 77fcd1e3b8097c60fc45308f41054167ec415365cba5906a22302854e83c8639
  63. efc90244ed03f76f97b76886351c9ff744629147af87b082de724d24e5e142e5
  64. f8dca20f0394e6c11a9bd8b9706e1dd9bca8f8f72d4edff36fbf311b0f40a610
  65. 050e8dcab5f3456b1ff65666d2afe3c3769288a2f1c83baa368010f592c7e808
  66. b162474a1265897ade9cfd7e681082f32a9291a01f19bb3beeb61e5a12e20682
  67. deea481121129d4779195e93fdc39ae62fecb168fd5a384d0ccf8082f06092e5
  68. 4c29b976165231c4d05b94b01b002ccc54c1d45f290940ac03bd8f22dada1f67
  69. 8863b4bafe1b56e8eebe1b06806573c7bdb8e7e7a8a0fe6fa6fab3b83ed5fd0f
  70. 0bec4a243d5ca6180c60f26d49f49db5
  71. e37c06be7d67fdff4fd2e1ea6013a5a41390ef6e74120d4fa3ecf0c05b2df730
  72. d5ffe5bab9b5b74bfe8dcc79c1438854a90ee930ae9106820d9488b7c729d49d
  73. 4c8cf7e19f636f8fcb23e30bb5010c2f57901f06e92b93277e962bb2c46d0714
  74. e5ed924d7e5d527c6398a9eb789036a921f66f658162971058a18315611aa84f
  75. 7f3b0682e57da055874455302178be52481a5161f3f3f805167b248a39b57c18
  76. 565031eaffb9b309737c04e9b6c6f865
  77. b88da2f6e5e9df5572e9d4dc87ed9f49
  78. 5e3533df6aa40e86063dd0c9d1cd235f4523d8a67d864aa958403d7b3273eaaf
  79. f62c8a93e2fdeb5e4a334f11dde380d632e03f5c919ae4f54a69c30de57bddb7
  80. 7459b0cef7ec5800c67c4179bebb5276e1a21582baa1beef54c965e1d687fcbb
  81. b98cac18d019392053223216d4415631ddf0b283f24e7382860b386723a4b6c4
  82. 4d43b4551f58c20920f5ffc9b450f1399afc4ff7925184e202adea00a57771ef
  83. 7f37351979c249417cb180b4ede0ed17e5fe2a1f08add4d72606b589f8fdb245
  84. 89d84ab72b2e5116f4a46b19f4d8096a0a9c7a88
  85. c6e7bb307ecfb29f407347bf14a1ecccf7f20d9fa9db289e0784b2a230bc9992
  86. b33ffa18c79888e8dd64aa9e3c9a60f1a66757377d8e8dbabe894b71b492f196
  87. b491cad0ac4780fb6c32249d5f1510037c178d89506eb0a6c8afe9b160d98189
  88. f96ecd567d9a05a6adb33f07880eebf1d6a8709512302e363377065ca8f98f56
  89. b6a61df3254bda3056900937e3e162ddeec3239bc5e1ac3488cef9aafbda21e4
  90. d65120291dee76c694f8bea54841f7f68329b499b28f4aee5ea5c9369a7432cb
  91. abe8e7db84be416f0a76e5cb12d5c15cfea879ba0ba376db29458a8d8bb902d3
  92. 6151293a059ecd2df2cdb32a58a4eb6647f736b4f7afcd5d0d5d942242b06218
  93. 55d9836dddac73e611cf7bfac7d2066cc0961e05337d1f91837680e4c57b8816
  94. ef78357ae8fa5c3065b53f051f76211ee77d8c818687fc1dfd83de71a05f755d
  95. a4840200cdc6fc37beabc18abb061df5
  96. a361a37dc0a74c169b3873447d3662ab4abb6816136168bd419a52cf3119e571
  97. db057d6796337e05812ca2926b5503442f2201c53afb506e90c279e11bf1a7af
  98. 030a1d6fc3cad2d18bb0b00fa5f663eb80fd24fc
  99. b3b970ba2a434ca224efafe05aad1d06
  100. 355943647f64d2bf53428fd32619824effd940681e5259e2921a30f3c4c7816b
  101. 97969978799100c7be211b9bf8a152bbd826ba6cb55377284537b381a4814216
View full IOC feed500 total

TTPs & Attack Vectors

Tools, initial access, and MITRE ATT&CK techniques for lynx

CVE-2024-54085
CVE-2024-0769
Other

T1486

T1486

T1490

T1490

T1059

T1059

T1080

T1080

T1562

T1562

T1021

T1021

T1078

T1078

T1547

T1547

T1021.001

T1021.001

T1005

T1005

T1057

T1057

Victims(152)

CompanyDomainCountryIndustryStatusDiscovered
www.eastersealsia.orgeastersealsia.orgSG SingaporeHealthcare
Claimed
6 days ago
www.someco.comsomeco.comUS United States
Claimed
6 days ago
www.wolfconstruction.netwolfconstruction.netUS United StatesOther
Claimed
6 days ago
www.commonwealth-partners.comcommonwealth-partners.comGB United KingdomProfessional Services
Claimed
13 days ago
jacksoncountyin.comjacksoncountyin.comUS United StatesGovernment & Defense
Claimed
about 1 month ago
bayareaherbs.combayareaherbs.comUS United StatesRetail & E-Commerce
Claimed
about 1 month ago
st-annes.uk.comst-annes.uk.comGB United KingdomEducation
Claimed
about 1 month ago
lifelongaccess.orglifelongaccess.orgUS United StatesHealthcare
Claimed
about 1 month ago
funkychunky.comfunkychunky.comUS United StatesRetail & E-Commerce
Claimed
about 1 month ago
csb-battery.comcsb-battery.comTW TaiwanManufacturing
Claimed
about 1 month ago
ossistemes.comossistemes.comES SpainTechnology
Claimed
about 1 month ago
www.kurita.eukurita.euDE GermanyManufacturing
Claimed
about 1 month ago
StonehengeTH ThailandOther
Claimed
2 months ago
cwwcontractors.comUS United StatesOther
Claimed
2 months ago
sentrydynamics.comUS United StatesTechnology
Claimed
2 months ago
ACNHealthcareDE GermanyHealthcare
Claimed
3 months ago
www.smithdollar.comsmithdollar.comUS United StatesProfessional Services
Claimed
3 months ago
njpcs.orgUS United StatesHealthcare
Claimed
3 months ago
Go to the publication
Claimed
3 months ago
indrub.comindrub.comIN IndiaManufacturing
Claimed
3 months ago

Page 1 of 8

Affected countries(64)

Countries where this group has been reported to target or leak victims.

🇦🇪United Arab Emirates🇦🇴Angola🇦🇷Argentina🇦🇹Austria🇦🇺AustraliaAruba🇧🇪Belgium🇧🇷Brazil🇨🇦Canada🇨🇭Switzerland🇨🇱Chile🇨🇳China🇨🇴Colombia🇨🇷Costa Rica🇨🇿Czech Republic🇩🇪Germany🇩🇰Denmark🇩🇲Dominica🇩🇿Algeria🇪🇸Spain🇪🇹Ethiopia🇫🇮Finland🇫🇷France🇬🇧United Kingdom🇭🇰Hong Kong🇮🇩Indonesia🇮🇪Ireland🇮🇱Israel🇮🇳India🇮🇹ItalyJersey🇯🇲Jamaica🇯🇵Japan🇰🇪KenyaKorea, Republic of🇰🇼Kuwait🇲🇦Morocco🇲🇹Malta🇲🇽Mexico🇲🇾Malaysia🇳🇱Netherlands🇳🇴Norway🇳🇿New Zealand🇵🇦Panama🇵🇪Peru🇵🇭Philippines🇵🇰Pakistan🇵🇱PolandPuerto Rico🇵🇹Portugal🇵🇾Paraguay🇷🇴RomaniaRussian Federation🇸🇦Saudi Arabia🇸🇪Sweden🇸🇬SingaporeSyrian Arab Republic🇹🇭Thailand🇹🇷TurkeyTaiwan, Province of China🇺🇸United StatesVenezuela, Bolivarian Republic of🇼🇸Samoa🇿🇦South Africa