The compressed attachment of the “REQUEST FOR QUOTATION” email contains an exe: the malware. Stolen data is exfiltrated via Telegram API.
Cybercrime: The Clop ransomware gang was not defeated, only “crippled”
The Clop ransomware gang was not defeated, only “crippled”. The Ukraine-South Korea operation destroyed the recycling branch. The leaders are in Russia and enjoy protections
The Clop ransomware gang was not defeated, but only “crippled” by the recent Ukrainian-South Korean operation that led to the arrest of six people in the Kiev region. The cybercrime group behind the malware posted information about two victims, who failed to pay the ransom, on its data leak site. According to cybersecurity experts, the latest arrests may have knocked out the sub-group that was involved in laundering the extortion money. The top management and the operational arm, in fact, would operate in Russia and enjoy protections. As a result, destroying the infrastructure will be more complicated, but not impossible.