Customer portal
Articles Tagged with

CLOP

"CLOP
Ransomware

Clop issue ultimatum and SOS Intelligence quoted on the BBC news site

Joe Tidy, the BBC’s Cyber correspondent has written an interesting piece on the MOVEit hack which we issued a Flash Alert about last week.

A prolific cyber crime gang thought to be based in Russia has issued an ultimatum to victims of a hack that has hit organisations around the world. 

The Clop group posted a notice on the dark web warning firms affected by the MOVEit hack to email them before 14 June or stolen data will be published.

More than 100,000 staff at the BBC, British Airways and Boots have been told payroll data may have been taken.

BBC

The post by the Clop group urges victim organisations to send an email to the gang to begin a negotiation on the crew’s darknet portal. Our CEO and Founder, Amir was also quoted after speaking with Joe:

“My take is that they just have so much data that it is difficult for them to get on top of it all. They’re betting that if you know then you will contact them,” says SOS Intelligence CEO Amir Hadžipasić.”

Amir Hadžipasić

The critical, zero-day vulnerability in MOVEit Transfer is being actively targeted by threat actors to facilitate data theft.

MOVEit Transfer is a managed file transfer (MFT) solution developed by Ipswitch.  It allows the users to securely transfer files between consumers and partners using SFTP, SCP, and HTTP-based uploads.

The exploit, as yet unassigned a CVE, is being utilised by the Clop group to facilitate mass downloads of victim company data, now known to be the likes of the BBC, BA and Boots.

What is key, is this is likely to be a third party vulnerability which has led to some of these major organisations to be compromised. Many of the organisations are not direct users of the MOVEit software, but outsourced their payroll services to a third-party called Zellis, which was a victim.

Third party cyberthreats are increasingly important due to the porous nature of relationships between companies and organisations.

We are running a webinar on June 14th at 11am UK time discussing how SOS Intelligence can help with this threat. You can sign up here.

Privacy Settings
We use cookies to enhance your experience while using our website. If you are using our Services via a browser you can restrict, block or remove cookies through your web browser settings. We also use content and scripts from third parties that may use tracking technologies. You can selectively provide your consent below to allow such third party embeds. For complete information about the cookies we use, data we collect and how we process them, please check our Privacy Policy
Youtube
Consent to display content from - Youtube
Vimeo
Consent to display content from - Vimeo
Google Maps
Consent to display content from - Google
Spotify
Consent to display content from - Spotify
Sound Cloud
Consent to display content from - Sound