The Clop operation has shifted from delivering its final payload via phishing and has begun initiating attacks using vulnerabilities that resulted in the exploitation and infection of victims' infrastructures.

Clop (sometimes written “Cl0p”) is a cybercriminal organization known for its multilevel extortion techniques and global malware distribution. It has extorted more than $500 million in ransom payments, targeting major organizations worldwide.

2025年1月16日 · In a post on its dark web leak site, seen by TechCrunch, the Russia-linked Clop gang listed 59 organizations it claims to have breached by exploiting the high-risk bug in Cleo’s software tools....

2023年6月26日 · The Clop ransomware group may well be the next in law enforcement crosshairs, as the US Department of State has authorized a $10 million bounty on information about the group under its "Reward for Justice" program.

2023年6月7日 · In late January 2023, the CL0P ransomware group launched a campaign using a zero-day vulnerability, now catalogued as CVE-2023-0669, to target the GoAnywhere MFT platform. The group claimed to have exfiltrated data from the GoAnywhere MFT platform that impacted approximately 130 victims over the course of 10 days.

2025年2月20日 · Over the past two months, the Clop ransomware gang has resumed targeting organizations, listing victims on its data leak site (DLS). This resurgence follows a series of large-scale attacks in 2023, which resulted in 384 successful breaches. In contrast, Clop has published only 27 victims throughout 2024.

2025年3月19日 · Clop’s Cleo attacks were orchestrated through two common vulnerabilities and exposures (CVEs) tracked as CVE-2024-50623 and CVE-2024-55956. ... He narrowly escaped extradition at the end of June ...

2023年5月19日 · A cybercrime gang known as FIN7 resurfaced last month, with Microsoft threat analysts linking it to attacks where the end goal was the deployment of Clop ransomware payloads on victims'...

2024年12月17日 · The cyber extortion group Cl0p(Clop) has apparently returned with a new campaign, exploiting a zero-day in the Cleo electronic data interchange software. Cleo is the developer of the managed file transfer platforms Cleo Harmony, VLTrader, and LexiCom, which companies use to securely exchange files between their business partners and customers.

2023年7月5日 · CLOP勒索软件由 McAfee 安全研究人员 于 2019 年 2月首次发现，隶属于 CIyptoMix 勒索软件家族，是由 “FANCYCAT”组织创建和管理，在大规模鱼叉式网络钓鱼活动中被用作勒索软件即服务(RaaS)，将勒索软件传播到附属网络。