The Lynx ransomware, which appeared in July this year, may have originated from the INC Ransom source code reportedly sold in May, according to analyses by Nextron Systems and Palo Alto Networks’ Unit 42. The Lynx gang has claimed over 20 victims primarily in the retail, real estate, architecture, financial services, and environmental services sectors in the US and UK. While clear connections can’t be definitively confirmed, similarities between Lynx and INC Ransom suggest the development of Lynx has borrowed significantly from INC’s codebase.

North Korean Hackers Use Fake U.S. Companies to Spread Malware in Crypto Industry: Report
North Korean hackers reportedly set up shell companies in the US to penetrate the crypto sector and target developers via fake job offers, according to