HQ/EMEAFind out how we can help your business
One of our threat analysts in the iZOOlogic research team spotted a Cl0p ransomware announcement that included an eerie message about the situation of the information they stole from their recent cyberattacks.
The notorious ransomware group is the culprit of the widespread MOVEit data breach campaign that infected numerous organisations worldwide. The cybercriminal campaign has compromised different sectors of multiple countries by putting critical data at risk.
The Cl0p ransomware group will unveil everything this month.
According to one of our iZOOlogic cybersecurity researchers, the Cl0p ransomware published an announcement on their dark web website regarding releasing the stolen information on August 15.
The group explained that the affected companies have remained silent about the issue and downplayed their threats, which is why they will provide more proof of the legitimacy of the stolen data.
Cl0p also noted in the statement that they are a reasonable organisation, which is why it gave a fair discount for all the affected companies to prevent the publication or reselling of the stolen data. The cybercriminal group advises companies to contact them and negotiate properly to avoid unwanted data exposure.
Unfortunately, Cl0p will start disseminating and exposing the stolen data on August 15 if the affected companies do not try to transact with them.
Our researcher also stated that the Cl0p ransomware group would generate a specially crafted clear web URL for larger companies to help Google Index. Furthermore, the group threatens all its victims that all the stolen data will end up on torrent, which could hasten the download speed once published.
In connection with the statement, the Cl0p ransomware operators have changed their extortion tactic recently to apply more pressure on the victims of its recent MOVEit cybercriminal campaigns.
The threat group has started leveraging torrent websites to leak stolen information easily. Additionally, the gang has provided instructions on downloading the leaked data from the torrent sites.
Lastly, our researcher emphasised that the announcement is a clear warning for the affected companies. Therefore, compromised entities should make significant moves to prevent data leakage, whether the ransomware gang is bluffing.
