APT / THREAT GROUP

Iron

1
aliases

Intelligence Profile

It is currently unknown if Iron is indeed a new variant by the same creators of Maktub, or if it was simply inspired by the latter, by copying the design for the payment portal for example.

We know the Iron ransomware has mimicked at least three ransomware families:Maktub (payment portal design)

DMA Locker (Iron Unlocker, decryption tool)

Satan (exclusion list)

Threat Analysis

Iron is a known-sophistication threat actor of undetermined national origin, engaged in cyber operations with a primary motivation of unknown activity patterns.

Intelligence Reports Mentioning Iron

External References

Quick Facts

TypeAPT / Threat Group
Aliases1

Also Known As

Iron

Research Links

Data sourced from Malpedia, Ransomware.live, RansomLook, and CTIWATCH OSINT collection. Actor attribution is based on available intelligence and may be incomplete.
Iron — APT / Threat Group | Threat Intelligence | CTIWATCH.COM