Uptime Hamster: 15d 2h 59mDeploy: 13 Jul 2026 08:04Updated: 2026-07-14
Logo del actor de amenaza Iron Group

Iron Group

0 incidentes 0 paises 0 sectores apt CN Ultimo: -
Aliases: Iron Cyber Group, Roque, Bayer Cyber Attack, Xbash, ransomware
Ver en IntelTracker → APTTrail →
Iron Group is an advanced persistent threat (APT) actor first observed in late 2016 or early 2017, widely believed to be state-sponsored and operating from China. While the group possesses capabilities consistent with cyber-espionage and data theft, their operational history predominantly reveals a focus on financially motivated cybercrime, particularly through cryptocurrency mining and ransomware deployment. This dual operational nature, combining state-sponsored backing with cybercrime-for-profit activities, distinguishes Iron Group. They are also known by the aliases Iron Cyber Group and Rocke. Their activities have included deploying a variety of malware to infect systems across multiple platforms, engaging in large-scale cryptojacking operations, and using destructive malware disguised as ransomware for data exfiltration and deletion.

Aliases del actor

Iron Cyber GroupRoqueBayer Cyber AttackXbashransomware

Actores similares

iron-groupactor · 1bonacigroupransomware · 2thegreenbloodgroupransomware · 2vanirgroupransomware · 2Silent Ransom Group / LeakedDataransomware · 0ragroupransomware · 0Global Groupransomware · 0Group Space Bearsransomware · 0CyberVolk Ransomwareransomware · 0unknown ransomware groupransomware · 0

Canales, DLS e infraestructura asociada

Clasificacion automatica desde IntelTracker/APTTrail/OSINT. Estado real solo si viene indicado por la fuente.

TipoEstadoHost / enlaceTitle / ultimo titulo
DLS / leak siteupduckduckgo.comIron Group (China)
DLS / leak siteupduckduckgo.comIron Group (China)
Motivacion