Menu

  • Alerts
  • Incidents
  • News
  • APTs
  • Cyber Decoded
  • Cyber Hygiene
  • Cyber Review
  • Cyber Tips
  • Definitions
  • Malware
  • Threat Actors
  • Tutorials

Useful Tools

  • Password generator
  • Report an incident
  • Report to authorities
No Result
View All Result
CTF Hack Havoc
CyberMaterial
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
Hall of Hacks
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
No Result
View All Result
Hall of Hacks
CyberMaterial
No Result
View All Result
Home Incidents

Hackers Target Oracle Apps For Extortion

October 3, 2025
Reading Time: 3 mins read
in Incidents
Hackers Target Oracle Apps For Extortion

A criminal group is extorting executives and tech departments at large organizations, claiming to have stolen data from their Oracle Corp. applications. Cybersecurity experts familiar with the situation believe the hackers are targeting the company’s popular E-Business Suite, which manages essential operations like finance, supply chain, and customer relations. In one case, the ransom demand reached a staggering $50 million. The group, which says it’s affiliated with the well-known criminal outfit Cl0p, has been providing victims with proof of the data theft, including screenshots and file trees, and at least one company has confirmed the breach.

The hackers began sending out extortion emails on or before September 29. These messages were sent from hundreds of compromised third-party accounts and claimed that the recipient’s data had been stolen. Genevieve Stark, the head of cybercrime at Google’s Threat Intelligence Group, noted that at least one of the email addresses used in the extortion notes was previously linked to a Cl0p affiliate. Additionally, the contact details provided in the messages are the same ones listed on Cl0p’s own website.

According to cybersecurity firm Halcyon, which is currently responding to the campaign, the group has demanded significant ransoms. Cynthia Kaiser, the vice president of Halcyon’s ransomware research center, stated that the group has asked for seven- and eight-figure ransoms in the last few days. She added that Cl0p is “notorious for stealthy, mass data theft that heightens their leverage in ransom negotiations.”

The extortion emails themselves contain poor grammar and sloppy English, which is considered characteristic of this group. The targets of the extortion letters haven’t been disclosed, nor has it been revealed if any victims have paid the ransom. While the hackers provided proof of the breach, Alphabet Inc.’s Google has yet to find enough evidence to independently verify the claims made in the extortion demands.

Halcyon’s analysis suggests that the hackers compromised user emails and then exploited the default password-reset function to get valid credentials for the internet-facing Oracle E-Business Suite portals. However, another source familiar with the matter believes the data theft was caused by the exploitation of a different, previously unknown vulnerability in the Oracle E-Business Suite software.

Reference:

  • New Extortion Campaign Exploits Oracle Apps To Hack Businesses
Tags: cyber incidentsCyber Incidents 2025Cyber threatsOctober 2025
ADVERTISEMENT

Related Posts

Hackers Target Oracle Apps For Extortion

Hospital Cyberattack Leaks Patient Data

October 3, 2025
Hackers Target Oracle Apps For Extortion

UK Renault Dacia Customer Data Stolen

October 3, 2025
Smishing targets routers in Belgium 2025

Dealership Software Breach Hits 766k

October 2, 2025
Smishing targets routers in Belgium 2025

Allianz Life July Breach Hits 1.5M

October 2, 2025
Smishing targets routers in Belgium 2025

Suffolk Website Down After Cyber-Attack

October 2, 2025
WestJet Confirms Data Breach

Ransomware Gang Recruits Reporter

October 1, 2025

Latest Alerts

Facebook Scams Target Seniors With Malware

Android Spyware Poses As Signal And Totok

Chrome Update Fixes 21 Security Flaws

Outlook Bug Causes Repeated Crashes

Smishing targets routers in Belgium 2025

MatrixPDF Toolkit Turns PDFs Into Lures

Subscribe to our newsletter

    Latest Incidents

    Hackers Target Oracle Apps For Extortion

    Hospital Cyberattack Leaks Patient Data

    UK Renault Dacia Customer Data Stolen

    Allianz Life July Breach Hits 1.5M

    Dealership Software Breach Hits 766k

    Suffolk Website Down After Cyber-Attack

    CyberMaterial Logo
    • About Us
    • Contact Us
    • Jobs
    • Legal and Privacy Policy
    • Site Map

    © 2025 | CyberMaterial | All rights reserved

    Welcome Back!

    Login to your account below

    Forgotten Password?

    Retrieve your password

    Please enter your username or email address to reset your password.

    Log In

    Add New Playlist

    No Result
    View All Result
    • Alerts
    • Incidents
    • News
    • Cyber Decoded
    • Cyber Hygiene
    • Cyber Review
    • Definitions
    • Malware
    • Cyber Tips
    • Tutorials
    • Advanced Persistent Threats
    • Threat Actors
    • Report an incident
    • Password Generator
    • About Us
    • Contact Us
    • Advertise with us

    Copyright © 2025 CyberMaterial