Ransomware
Cl0p Ransomware
First seen: 2019-02 • Status: active
Currently Active Threat
Cl0p specializes in attacking file transfer software that companies use to share data. Their MOVEit attack was one of the biggest hacks ever.
Overview
Cl0p is notorious for mass exploitation campaigns targeting file transfer software. Their MOVEit attack affected thousands of organizations.
Also Known As
Clop, TA505
How It Spreads
- • Zero-day exploitation
- • File transfer vulnerabilities
- • GoAnywhere, MOVEit
What It Does
- • Mass data theft
- • Extortion
- • File encryption
Is your business exposed?
Target Platforms
Windows
Detection Tips
- • Patch file transfer software immediately
- • Monitor for mass exploitation
MITRE ATT&CK Techniques
T1190, T1486, T1567
If You're Infected
- 1.
Patch all file transfer applications
- 2.
Audit file transfer logs
Related Malware
Is your business exposed?
Check if your company data is circulating on the dark web
Free scan • No credit card required