Security News

Microsoft and SysAid Find Clop Malware Vulnerability
2023-11-10 20:18

SysAid has patched a zero-day vulnerability that could allow attackers to exfiltrate data and launch ransomware. The vulnerability was exploited by the threat group Lace Tempest, which distributes the Clop malware, Microsoft Threat Intelligence said on Nov. 8 on X. The Microsoft security experts wrote, in part, "Lace Tempest will likely use their access to exfiltrate data and deploy Clop ransomware."

Microsoft: SysAid zero-day flaw exploited in Clop ransomware attacks
2023-11-09 14:28

Threat actors are exploiting a zero-day vulnerability in the service management software SysAid to gain access to corporate servers for data theft and to deploy Clop ransomware. [...]

Clop ransomware now uses torrents to leak data and evade takedowns
2023-08-05 15:16

The Clop ransomware gang has once again altered extortion tactics and is now using torrents to leak data stolen in MOVEit attacks. On June 14th, the ransomware gang began extorting its victims, slowly adding names to their Tor data leak site and eventually publicly releasing the files.

Medical files of 8M-plus people fall into hands of Clop via MOVEit mega-bug
2023-07-27 20:01

Accounting giant Deloitte, pizza and birthday party chain Chuck E. Cheese, government contractor Maximus, and the Hallmark Channel are among the latest victims that the Russian ransomware crew Clop claims to have compromised via the MOVEit vulnerability. The biz now joins PwC and Ernst and Young - all three big accounting firms - among the hundreds of organizations compromised by Clop via a security hole in vulnerable deployments of the file-transfer tool MOVEit.

Clop now leaks data stolen in MOVEit attacks on clearweb sites
2023-07-23 19:10

The Clop ransomware gang is copying an ALPHV ransomware gang extortion tactic by creating Internet-accessible websites dedicated to specific victims, making it easier to leak stolen data and further pressuring victims into paying a ransom. This stolen data is used as leverage in double-extortion attacks, warning victims that the data will be leaked if a ransom is not paid.

Clop gang to earn over $75 million from MOVEit extortion attacks
2023-07-21 16:34

The chart shows that extortion attacks with the lowest complexity and automation have the least impact on victims and cost to the attackers. On May 27th, the Clop ransomware gang began widespread data-theft attacks exploiting a zero-day vulnerability in the MOVEit Transfer secure file transfer platform.

Shutterfly says Clop ransomware attack did not impact customer data
2023-07-14 08:09

Over the last few months, Clop ransomware gang has been exploiting a vulnerability in the MOVEit File Transfer utility to breach hundreds of companies to steal their data and attempt extortion against them. This week, Clop ransomware gang published Shutterfly's name on its data leak site, among other companies it has targeted, largely via the MOVEit SQL Injection vulnerability, tracked as CVE-2023-34362.

Interested in $10,000,000? Ready to turn in the Clop ransomware crew?
2023-06-28 18:59

The latest high-profile cybercrime exploits attributed to the Clop ransomware crew aren't your traditional sort of ransomware attacks. Conventional ransomware attacks are where your files get scrambled, your business gets totally derailed, and a message appears telling you that a decryption key for your data is available.

US govt offers $10 million bounty for info on Clop ransomware
2023-06-17 20:06

The U.S. State Department's Rewards for Justice program announced up to a $10 million bounty yesterday for information linking the Clop ransomware attacks to a foreign government. "Do you have info linking CL0P Ransomware Gang or any other malicious cyber actors targeting U.S. critical infrastructure to a foreign government? Send us a tip. You could be eligible for a reward," tweeted the Rewards for Justice Twitter account.

US government hit by Russia's Clop in MOVEit mass attack
2023-06-15 22:43

The US Department of Energy and other federal bodies are among a growing list of organizations hit by Russians exploiting the MOVEit file-transfer vulnerability. Many orgs, including the US government, have been hit via this flaw, with Clop blamed for this mass exploitation.