INC Ransom Ransomware Targets IT4 Solutions Robras

The INC Ransom ransomware gang has attacked It4 Solutions Robras. IT4 Solutions Robras is a little-known IT company headquartered in Florida, USA. INC Ransom posted It4 Solutions Robras to its data leak site on September 6th but provided no further details.

INC represents a ransomware program that operates by encrypting data and subsequently demanding payment for decryption services. In our evaluation on a test system, this malicious software encrypted files and appended a ".INC" extension to their filenames. For example, a file initially labeled as "1.jpg" would appear as "1.jpg.INC," and "2.png" would become "2.png.INC," and so forth.

Encryption Process and Ransom Note

Following the completion of the encryption procedure, INC ransomware generated a ransom message titled "INC-README.txt." The content of this message makes it clear that this malware primarily targets businesses rather than individual users.

The ransom note issued by INC informs the victim that confidential data related to their company and clients has been exfiltrated. A 72-hour window is provided for the victim to establish contact with the attackers. Failure to meet this deadline will result in the exposure of the stolen information. The message also assures the victim that the cybercriminals possess the ability to swiftly restore the encrypted files without any data loss.