Cl0p, one of the most prominent ransomware groups, has been found to be active again after a recent crackdown by federal agencies. It kept its operations quiet for about a week and recently listed new victims on its data leak site.

Leak after Bust

The Cl0p gang is back, having leaked data from two new victims on its ransomware data leak site. The operators have published a fresh batch of confidential data that they claim was stolen from the new victims. One victim is a farm equipment retailer, while the other is an architect’s office.

Quick flashback

The Cl0p ransomware group has been active since March 2019, when it targeted an enterprise with CryptoMix ransomware. Cl0p’s total damages are estimated to be $500 million, according to the Ukrainian police. Last week, a law enforcement operation led to the arrests of Cl0p ransomware gang members.

  • Law enforcement had shut down the malware infrastructure and blocked channels for laundering illegally obtained cryptocurrencies.
  • The latest activities indicate that the arrests by the federal agencies targeted only the money laundering part of the operation, and core members were not arrested.
  • The overall impact of the arrests on Cl0p operations is expected to be minor, as new activity has resumed within a week.

Final Thoughts

The recent arrests in Ukraine have not hit Cl0p operations that hard, as the core group members were not impacted. The fight to stop ransomware is far from over and is expected to continue. Therefore, organizations should proactively follow adequate security measures to stay protected.