mnt6
Ransomware group profile
3Victims
29Impact score
Description
mnt6 is a financially motivated ransomware group that emerged in April 2026, known for data exfiltration and encryption to extort victims. They pressure targets by listing compromised organizations on a dedicated data leak site to encourage ransom payment.
Key insights
- •Utilizes data exfiltration and encryption tactics for financial gain.
- •Employs initial access methods including exploiting vulnerabilities and spearphishing.
- •Uses legitimate system tools for unauthorized activities to evade detection.
- •Demands ransom through threats of public data release on a leak site.
- •Targets a wide range of industries, leveraging common ransomware tactics.
Threat Level & Status Breakdown
For mnt6 · Based on incidents in selected period
0.3threat level
Aggressiveness0.8/ 10
Lethality0/ 10
Criticality0/ 10
Status Breakdown
Claimed100.0%3
First seenApr 2026
Last seenMay 2026
Avg ransom—
Payment rate—
Statusactive
Sophistication0
Last updatedJun 2, 2026
Recent activity
Monthly attack count for mnt6 in the selected period
3Total attacks
2peak in Apr
1.5avg / month
↓ 1 vs first month
No intelligence data for this group.
TTPs & Attack Vectors
Tools, initial access, and MITRE ATT&CK techniques for mnt6
Other
T1486
T1486
T1490
T1490
T1041
T1041
T1021
T1021
T1562
T1562
T1078
T1078
T1059
T1059
T1021.001
T1021.001
T1074
T1074
T1105
T1105
T1583
T1583
Victims(3)
| Company | Domain | Country | Industry | Status | Discovered | |
|---|---|---|---|---|---|---|
| Photonic | — | CA Canada | Technology | Claimed | about 1 month ago | |
| McKay | — | NZ New Zealand | Government & Defense | Claimed | about 1 month ago | |
| Silfab Solar | — | IT Italy | Manufacturing | Claimed | about 1 month ago |
Affected countries(4)
Countries where this group has been reported to target or leak victims.