Clop Gang Offers Data Downloads Via Torrents

Security

The Clop ransomware group has begun offering access to data stolen in MOVEit attacks via torrents, it has emerged.

Security researcher Dominic Alvieri revealed the news on Twitter, with screenshots showing several big-name victims whose data is being made available via P2P sharing.

Among the corporate names on that list were investment firm Putnam, Iron Bow Technologies and insurance company Delaware Life. Management consultancy Aon, Zurich Brazil and United Healthcare Student Resources were also featured.

The move by Clop is likely due to the fact that large data dumps can be slow to download, eroding the value threat actors get by sharing them on leak sites.

The group included handy instructions on how to use torrent clients, alongside data on roughly 20 compromised organizations.

This isn’t the first time Clop has experimented with new ways to make its stolen data more accessible. The group previously created surface web sites dedicated to specific breached organizations like PwC.

Read more on Clop: Critical Zero-Day Flaw Exploited in MOVEit Transfer

Ransomware groups are constantly innovating to improve their reputation and monetization of attacks. Another area of interest is notification of the victims themselves.

One group recently hijacked the mass alert system of a Virginian university to pressure staff and students to lobby the institution’s administrators to pay.

Clop managed to compromise hundreds of victims after exploiting a zero-day bug in the MOVEit managed file transfer software.

Millions of end users have been impacted. Most recently, Virginian government contractor Maximum admitted that between eight and 11 million individuals may have had their personal information compromised via the campaign.

Products You May Like

Articles You May Like

Amazon MOVEit Leaker Claims to Be Ethical Hacker
EU Ramps Up Cyber Resilience with Major Crisis Simulation Exercise
Researchers Warn of Privilege Escalation Risks in Google’s Vertex AI ML Platform
Palo Alto Networks Confirms New Zero-Day Being Exploited by Threat Actors
Massive Telecom Hack Exposes US Officials to Chinese Espionage

Leave a Reply

Your email address will not be published. Required fields are marked *