The notorious Cl0p ransomware gang continues to cause havoc globally, targeting prominent companies such as Deutsche Bank and the BBC. Cybernews has uncovered evidence that at least one of the gang’s masterminds is still residing in Ukraine.
Deutsche Bank recently fell victim to the Cl0p gang, with customer data being leaked after hackers exploited the MOVEit vulnerability through a third-party vendor, Majorel.
Cl0p has a history of publicly naming its victims, and this time it has been sitting on a zero-day vulnerability for two years. The group chose the Memorial Day weekend in the US to launch a widespread attack, affecting not only Deutsche Bank but also other major European banks like Postbank, ING Bank, and Comdirect.
Despite previous arrests and the temporary shutdown of operations, Cl0p has bounced back and is now among the top three most active ransomware groups, with over 361 victims.
New evidence reveals that the Russia-affiliated Cl0p gang is still operating from Ukraine. Cybernews has obtained information indicating that one of the ransomware strain developers is located in Kramatorsk, a city on the front line of the Russia-Ukraine war.
The persistent presence of the Cl0p gang highlights the challenges faced by law enforcement agencies in combating sophisticated cybercriminal operations.
