CRITICALRansomware
Global

FortiBleed Hacks Tied to INC Ransom and Lynx Operation

·Source: Bank Info Security

Updated:

Executive Summary

Theat Actor Accessed INC and Lynx Ransom Negotiation Panels SOCRadar linked the FortiBleed credential-harvesting operation to ransomware groups INC Ransom and Lynx, citing evidence that a sophisticated initial access broker compr

Analysis

Theat Actor Accessed INC and Lynx Ransom Negotiation Panels SOCRadar linked the FortiBleed credential-harvesting operation to ransomware groups INC Ransom and Lynx, citing evidence that a sophisticated initial access broker compromised more than 430,000 FortiGate firewalls, prioritized high-value organizations and enabled ransomware attacks against governments, critical infrastructure and major enterprises.

Indicators of Compromise (2)

URL (1)
https://ismg-cdn.nyc3.cdn.digitaloceanspaces.com/articles/fortibleed-tied-to-inc-ransom-lynx-operation-image_small-3-a-32147.jpg
Domain (1)
ismg-cdn.nyc3.cdn.digitaloceanspaces.com
Source Attribution

Originally published by Bank Info Security on Jul 2, 2026.

Related Threats