clop ransomware

Threat Actor updated 2 months ago (2024-11-29T13:13:25.726Z)
Clop ransomware is a high-profile, evolving threat actor that has significantly compromised industries globally. This financially motivated ransomware family has been linked to the GOLD TAHOE threat group, which uses malicious emails as an Initial Access Vector (IAV) to deliver Clop ransomware. GOLD TAHOE further utilizes the BITSAdmin tool to retrieve the TinyMet Meterpreter stager in Clop ransomware incidents, demonstrating sophisticated and evolving techniques to bypass security defenses.

The Clop ransomware operation made headlines on April 10, 2023, when it leaked over 16,000 sensitive files of Tasmanian students. The compromised data included student assistance application data, financial invoices, and statements. Following this, the group claimed responsibility for exploiting a zero-day flaw in the MOVEit software, which led to the theft of sensitive data from high-profile organizations such as British Airways, Shell, and the U.S. Department of Energy.

The potency of the Clop ransomware lies in its ability to adapt and evolve, constantly changing tactics to bypass security measures and launch high-impact attacks. Its notorious activities include the series of MOVEit mass-hacks and theft of gigabytes of data from various companies, including Estée Lauder’s archives. As of now, the Clop ransomware group continues to dump stolen data, posing an ongoing threat to global cybersecurity.
Description last updated: 2023-08-23T19:35:00.081Z
Aliases We are not currently tracking any aliases
Source Document References
Information about the clop ransomware Threat Actor was read from the documents corpus below. This display is limited to 20 results.
Source | Created
CERT-EU | 2 years ago
CERT-EU | 2 years ago
CERT-EU | a year ago
BankInfoSecurity | 2 years ago
Flashpoint | 2 years ago
MITRE | 2 years ago
Trend Micro | 2 years ago
CERT-EU | 2 years ago
CSO Online | 2 years ago
InfoSecurity-magazine | 2 years ago
Securityaffairs | 2 years ago
Securityaffairs | 2 years ago
BankInfoSecurity | 2 years ago
CERT-EU | 2 years ago
Naked Security | 2 years ago
Securityaffairs | 2 years ago
Checkpoint | 2 years ago
CERT-EU | 2 years ago
CERT-EU | 2 years ago
CERT-EU | 2 years ago