Security News > 2023 > August > Clop ransomware now uses torrents to leak data and evade takedowns
The Clop ransomware gang has once again altered extortion tactics and is now using torrents to leak data stolen in MOVEit attacks.
On June 14th, the ransomware gang began extorting its victims, slowly adding names to their Tor data leak site and eventually publicly releasing the files.
Leaking data via a Tor site comes with some drawbacks, as the download speed is slow, making the leak, in some cases, not as damaging as it could be if it was easier to access the data.
As a new solution to these issues, Clop has begun to use torrents to distribute data stolen from MOVEit attack.
As torrents use peer-to-peer transfer among different users, the transfer speeds are faster than the traditional Tor data leak sites.
If this proves successful for Clop, we will likely see them continue to utilize this method to leak data as it's easier to set up, does not require a complex website, and may further pressure victims due the increased potential for broader distribution of stolen data.