Malware
TA505/Clop Operations
First seen: 2019-02 • Status: active
Currently Active Threat
TA505 runs the Clop ransomware gang. They specialize in attacking file sharing software used by thousands of companies at once.
Overview
TA505 operates Clop ransomware and pioneered mass exploitation campaigns like MOVEit. They target file transfer software.
Also Known As
TA505 Tools
How It Spreads
- • Mass vulnerability exploitation
- • Zero-days
What It Does
- • Mass data theft
- • Extortion
- • File transfer exploitation
Is your business exposed?
Target Platforms
Windows
Detection Tips
- • Patch file transfer software immediately
MITRE ATT&CK Techniques
T1190, T1567
If You're Infected
- 1.
Patch all file transfer applications
Related Malware
Is your business exposed?
Check if your company data is circulating on the dark web
Free scan • No credit card required