Multiple US executives targeted by ransomware in high-volume attack, Google warns
Hackers linked to a prominent ransomware group have been targeting US business executives at “numerous organizations” in a huge campaign since last month, according to a warning issued by Google on Thursday.
Google’s researchers said the hackers claim to be part of the infamous “Cl0p” ransomware gang and have been sending the threatening emails as part of what it described as a “high-volume” attack.
It wasn’t immediately clear which other companies have been targeted in the ransomware campaign, or if any have paid the ransom to regain control of their data.
In the emails, the hackers claim to have stolen their data through standard business management apps that Oracle provides to corporate customers. The attacks started around Sept. 29, according to Genevieve Stark, head of cybercrime at Google Threat Intelligence Group.
“Initial analysis suggests that the targeting is opportunistic, as opposed to focusing on specific industries,” Stark added. “This is consistent with prior activity associated with the Cl0p data leak site.”
Oracle didn’t immediately return The Post’s request for comment.
The hackers have demanded ransoms of up to $50 million and have sent victims screenshots as proof of the breach, Bloomberg reported, citing cybersecurity firm Halcyon, which is also monitoring the hacking campaign.
“We have seen Cl0p demand huge seven- and eight-figure ransoms in the last few days,” Cynthia Kaiser, vice president at Halcyon’s ransomware research center, told the outlet. “This group is notorious for stealthy, mass data theft that heightens their leverage in ransom negotiations.”
Google said it “does not currently have sufficient evidence to definitively assess the veracity of these claims.” At least one of the email addresses linked to the attack was previously used by the hacker group.
“The malicious emails contain contact information, and we’ve verified that the two specific contact addresses provided are also publicly listed on the CLOP data leak site (DLS),” said Charles Carmakal, chief technology officer at Google Cloud cybersecurity unit Mandiant. “This move strongly suggests there’s some association with Clop and they are leveraging the brand recognition for their current operation.”
The emails reportedly bear the hallmarks of Cl0p’s work, including sloppy English and grammar.
The hacker group previously carried out a ransomware campaign in 2023 that breached accounts at a number of major corporations, including British Airways and the BBC.
In June 2023, the US Cybersecurity & Infrastructure Security Agency (CISA) warned that Cl0p was “considered to be one of the largest phishing and malspam distributors worldwide.”
The group was “estimated to have compromised more than 3,000 US-based organizations and 8,000 global organizations” during its run.
With Post wires



