Uptime Hamster: 0d 0h 0mDeploy: 5 Jul 2026 10:25Updated: 2026-07-10

Ido Cohen: The Icarus supply chain extortion campaign continues to unfold. The group has now added 5 additional victims, all with their identities partially concealed. The guessing game has officially begun. How many organizations were impacted through this supply chain incident? And are we witnessing the emergence of a serious competitor to CLOP in the supply chain extortion arena? We'll know more soon.

Fecha
23 Jun 2026
Actor
ido_cohen2
Tipo
Ransomware
Pais
United States
Sector
Media
Confianza
high
63
Prioridad analitica
Media

Basado en actor, pais, IOCs, TTPs, filtracion y calidad de contexto.

1IOCs
1TTPs
ido_cohen2Actor
United StatesPais
Executive Summary
Independent cyber threat research covering malware campaigns, phishing infrastructure and vulnerability exploitation.

Key Points

  • Tweet original en X
  • Perfil de @ido_cohen2

The Icarus supply chain extortion campaign continues to unfold. The group has now added 5 additional victims, all with their identities partially concealed. The guessing game has officially begun. How many organizations were impacted through this supply chain incident? And are we witnessing the emergence of a serious competitor to CLOP in the supply chain extortion arena? We'll know more soon.

Independent cyber threat research covering malware campaigns, phishing infrastructure and vulnerability exploitation.


The Icarus supply chain extortion campaign continues to unfold. The group has now added 5 additional victims, all with their identities partially concealed. The guessing game has officially begun. How many organizations were impacted through this supply chain incident? And are we witnessing the emergence of a serious competitor to CLOP in the supply chain extortion arena? We'll know more soon. Track the latest developments: darkfeed.io/get-started/ #Icarus #Ransomware #SupplyChainAttack #CyberExtortion #ThreatIntelligence #CTI DarkFeed (@ido_cohen2) Supply Chain Extortion Alert The Icarus ransomware group has escalated pressure tactics against a major Canadian consulting and competitive intelligence provider. After initially naming the organization, the group is now threatening to release data belonging to the company's clients, giving them a deadline to make contact before publication begins. This development highlights the growing risk of supply chain extortion, where a single breach can expose dozens or even hundreds of downstream organizations. #Ransomware #SupplyChainSecurity #CyberSecurity #ThreatIntelligence #DataBreach #Icarus #CyberThreats — https://nitter.net/ido_cohen2/status/2068704469882220882#m

Ido Cohen: The Icarus supply chain extortion campaign continues to unfold. The group has now added 5 additional victims, all with their identities partially concealed. The guessing game has officially begun. How many organizations were impacted through this supply chain incident? And are we witnessing the emergence of a serious competitor to CLOP in the supply chain extortion arena? We'll know more soon.


Referencias

Diamond Model

Adversary
ido_cohen2
Ver perfil →
Victim
Ido Cohen: The Icarus supply chain extortion campaign continues to unfold. The group has now added 5 additional victims, all with their identities partially concealed. The guessing game has officially begun. How many organizations were impacted through this supply chain incident? And are we witnessing the emergence of a serious competitor to CLOP in the supply chain extortion arena? We'll know more soon.
United States
Capability
Ransomware
1 TTPs MITRE
Infrastructure
darkfeed.io

Indicadores de Compromiso (IOCs)

TipoValorContextoOSINT
domain darkfeed.io observed in tweet VT OffSec SOCRadar

Referencias y enlaces

→ Perfil del actor ido_cohen2 en el blog → Ver ido_cohen2 en IntelTracker → URL IntelTracker: nitter.net→ URL IntelTracker: x.com → Fuente OSINT: nitter.net→ Fuente OSINT: x.com → Buscar ido_cohen2 en APTTrail → Repositorio APTTrail → Mas incidentes en United States → Buscar en Google News → Analizar en VirusTotal → Feed RSS del blog
← Volver al panel de inteligencia

Incidentes recientes