April 25, 2024

An international law enforcement operation, codenamed “Operation Cyclone,” targeted the Clop ransomware gang, leading to previously reported arrests of six members in Ukraine.New information emerged about how the operation was conducted and the law enforcement agencies involved.

The transcontinental operation called “Operation Cyclone” was coordinated by INTERPOL’s Cyber Fusion Center in Singapore, with the assistance of the Ukrainian and US police authorities.

Advertisements

This operation targeted Clop for his numerous attacks on Korean companies and US academic institutions, in which threat actors encrypted devices and extorted organizations to pay a ransom or leak their stolen data.

Clop conducted a massive ransomware attack against E-Land Retail, a South Korean conglomerate and retail giant, which caused the temporary closure of 23 out of 50 stores of NC department stores and the NewCore Outlet. Them after claimed to have stolen 2,000,000 credit cards from the company that uses point-of-sale malware.

More recently, Clop used a vulnerability in the Accellion secure file transfer gateway to steal confidential and private files from companies and universities. When $ 10 million + ransom demands were not paid, the threat actors publicly released students’ personal information from numerous universities and colleges.

Through intelligence sharing between law enforcement and private partners, Operation Cyclone resulted in the arrest of six suspects in Ukraine, the search of more than 20 homes, businesses and vehicles, and the seizure of computers and $ 185,000 in cash. .

The transaction was also assisted by private partners, including Trend Micro, CDI, Kaspersky Lab, Palo Alto Networks, Fortinet and Group-IB.

Despite the spiral of global ransomware attacks, this police-private sector coalition saw one of the first arrests of online criminal gangs by global law enforcement, sending a powerful message to ransomware criminals, who don’t care where they hide in. cyberspace, we will pursue them relentlessly.

Interpol Statement
Advertisements

US cybersecurity firm Intel 471 previously told that the arrested members are linked to the Clop ransomware gang, they were primarily involved in money laundering for the criminal organization. The intelligence firm further said that the main members of Operation Clop are likely out of danger in Russia

If convicted, the six suspected members of the clop face up to eight years in prison.

Tags:

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

You may have missed

ArcaneDoor Exploits Cisco ASA and FTD

April 25, 2024

Google Fixes Critical Vulnerability in Chrome -CVE-2024-4058

April 24, 2024

Red Ransomware Victimized Targus

April 23, 2024

Oracle Virtual Box Vulnerability PoC Released – CVE-2024-21111

April 22, 2024

CrushFTP Zeroday Vulnerability Exploited in Wild attack

April 21, 2024

TheCyberThrone Security Week In Review – April 20, 2024

April 21, 2024

Discover more from TheCyberThrone

Subscribe now to keep reading and get access to the full archive.

Continue reading