Clop hackers reveal victim identities on the dark web
A cybercrime group known as Clop has recently exposed the identities and company information of numerous victims who fell victim to a large-scale global hacking incident. This group is now demanding a ransom in exchange for the stolen data.
In a concerning development, Clop initiated their extortion scheme by publishing the names of various firms on their website located on the darknet.
Notably, this cyber attack has not spared US federal agencies, with some of them falling victim to the hackers. The US Cybersecurity and Infrastructure Security Agency confirmed that it is assisting several federal agencies that have experienced security breaches affecting their MOVEit applications. The exact agencies affected and the nature of the stolen data remain unknown, but experts in cybersecurity assert that the impact is not anticipated to be severe.
This mass hack is believed to have impacted hundreds of organisations worldwide, with around 50 cases confirmed either by the affected companies themselves or by the hackers involved. On the hackers’ so-called “leak site,” one can find a list of targeted companies hailing from the United States, Germany, Belgium, Switzerland, and Canada.
Ransomware groups like Clop commonly employ leak sites as a means to publicly expose and shame their victims, leveraging this tactic to coerce them into paying the demanded ransoms. This method has proven to be quite lucrative for these criminal organisations, although law enforcement agencies worldwide actively discourage victims from giving in to the ransom demands as it only serves to fuel further criminal activities.
The MOVEit hack, which enabled the hackers to gain unauthorized access to Progress Software’s MOVEit Transfer tool, was initially disclosed by the US company on May 31. Upon discovering the breach, Progress Software promptly alerted its customers and made a downloadable security update available to mitigate the risks.
Zellis, a payroll services provider based in the United Kingdom, was one of the users of MOVEit whose security was subsequently compromised. Zellis has confirmed that eight organisations in the UK have suffered data theft as a result of this breach. The stolen information includes sensitive details such as home addresses, national insurance numbers, and, in some instances, bank account information.