Cybersecurity expert JAMESWT: The link in the message downloads a zip with a URL pointing to an SMB, which downloads and executes the malware. Same TTP as the “Revenue Agency” campaign in Italy.
Clop ransomware gang has been disrupted by an international operation. US, South Korean and Ukrainian law enforcements shut down the infrastructure and seized the servers. Egregor, NetWalker and Emotet suffered the same fate
Clop ransomware gang has been disbanded by US, South Korean and Ukrainian law enforcements, who shut down the infrastructure used by the cybercrime group and seized the servers. According to the cybersecurity experts, it created financial damages for around $500 million worldwide. Police conducted 21 searches in Kiev region, arresting six people involved in the attacks against companies since 2019. Clop it the fourth major threat actor disrupted by law enforcements in this year. The first one was Emotet, the second, NetWalker and the third Egregor. Furthermore, some medium-size gangs decided to halt their operations fearing to be targeted. The most important are Fonix and Ziggy.