Clop Borrows from BlackCat to Up Their Extortion Game

Category: Ransomware News | Industry: Global | Source: BleepingComputer

With a bevy of data collected from the significant MOVEit breach, the Clop ransomware group is leveraging the opportunity to intensify their extortion efforts. Their latest strategy involves creating clearview websites dedicated to specific companies compromised in the breach. These websites offer a advantage over darkweb platforms, as they are accessible to conventional search engines, can receive higher web traffic, and don't suffer from technical limitations like slow download speeds. Clop has already set up clearview websites for various victims, including PWC, Anon, Ernst & Young (EY), Kirkland, and TD Ameritrade, allowing users to download compromised data for free. Although this tactic is designed to put more pressure on victims, all the sites have already been taken down. It is unknown if the takedowns were initiated by law enforcement, security agencies, or the hosting providers.