Clop Ransomware Returns: 21 Victims Suffer Cyberattack

Clop ransomware gang has returned to the ransomware threat landscape a few months after shutting down its operations between November and February.

The activities of the ransomware group became noticeable after it had added 21 new victims to its data leak site in just one month (April).

Clop’s most targeted sector was the industrial sector. 45% of Clop ransomware attacks target industrial organizations, while 27% target technology companies.

“CLop had an explosive and unexpected return to the forefront of the ransomware threat landscape, jumping from the least active threat actor in March to the fourth most active in April. There were notable fluctuations in threat actor targeting in April. While Lockbit 2.0 (103 victims) and Conti (45 victims) remain the most prolific threat actors, victims of CLoP increased massively, from 1 to 21,” NCC Group explained.

Clop ransomware deals in the exfiltration of large amounts of data from high-profile companies using Accellion’s legacy File Transfer Appliance (FTA). The stolen data are later used as leverage to blackmail the compromised companies, whereby they are forced to pay high ransom demands to prevent their data from leaking online.

There is speculation that the recent actions of the Clop gang are part of the process of finally shutting down their operations after a long period of inaction.

IT World Canada Staff
IT World Canada Staff
The online resource for Canadian Information Technology professionals.

Would you recommend this article?


Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.

Jim Love, Chief Content Officer, IT World Canada

Featured Download

ITW in your inbox

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

More Best of The Web