In early October, Google Threat Intelligence Group (GTIG) and Mandiant researchers began tracking a suspected Cl0p ransomware campaign aimed at extorting company executives. The attackers sent emails…