the clop ransomware

Threat Actor updated 2 months ago (2024-11-29T13:13:25.726Z)
Download STIX
Preview STIX
The Clop ransomware is a significant cyber threat actor known for its disruptive activities. The group first came to prominence in late 2020 and early 2021 when it exploited the Accellion FTA vulnerability, compromising victims' data without deploying the actual ransomware. These victims were subsequently listed on the Clop leak site. In addition, researchers found that since 2021, the Clop gang had been seeking a zero-day exploit in the MOVEit Transfer, indicating a shift towards more sophisticated attack methods. In 2023, the group's tactics evolved further with the use of zero-day vulnerabilities and the exploitation of newly discovered ones. In February 2023, the Clop ransomware group claimed to have used the GoAnywhere zero-day vulnerability (CVE-2023-0669) to impact 130 organizations. This trend continued with the exploitation of the MOVEit vulnerability (CVE-2023-34362), which was used to claim nearly 100 victims worldwide within a month of its discovery. Many of these victims have since come public about their experiences. The Clop Ransomware group has also demonstrated a willingness to leak sensitive data as part of its extortion tactics. In April 2023, over 16,000 sensitive Tasmanian student files were leaked by the operation. The compromised information included student assistance application data, financial invoices, and statements. Furthermore, the group has been actively extorting money from its victims since May 27th, 2023, aligning its attacks with significant dates such as Memorial Day. This highlights the group's strategic approach to maximize impact and potential profits.
Description last updated: 2023-08-24T15:25:03.399Z
Aliases We are not currently tracking any aliases
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Analyst Notes & Discussion
Be the first to leave your mark here! Log in to share your views and vote.
Source Document References
Information about the the clop ransomware Threat Actor was read from the documents corpus below. This display is limited to 20 results, create a free account to see more
PreviewSource LinkCreatedAtTitle
CERT-EU
2 years ago
CERT-EU
2 years ago
CERT-EU
2 years ago
CERT-EU
2 years ago
CERT-EU
2 years ago
CERT-EU
a year ago
CERT-EU
a year ago
Securityaffairs
a year ago
CERT-EU
a year ago
CERT-EU
a year ago
CERT-EU
a year ago
CERT-EU
a year ago
CERT-EU
a year ago
CERT-EU
a year ago
CERT-EU
a year ago
CERT-EU
a year ago
BankInfoSecurity
a year ago
CERT-EU
a year ago
BankInfoSecurity
a year ago
Securityaffairs
a year ago