Detecting Clop Ransomware

Splunk Threat Research Team reports: As ransomware campaigns continue, malicious actors introduce different modus operandi to target their victims. In this blog, we’ll be taking a look at the Clop ransomware. This crimeware was discovered in 2019 and is said to be used for an attack that demanded one of the highest ransom amounts in recorded history ($20 million). Their strategy is to send the malicious payloads via different methods, such as phishing emails, and spreading ransomware payload post-exploitation by exploiting exposed or related vulnerable systems. Actors behind this crimeware then present instructions on how to pay ransom and communicate further threats of exposure by publishing the sensitive information they obtained on a publicly accessible website. Read more on Splunk.DataBreaches.netRead More