Dataconomy
  • News
    • Artificial Intelligence
    • Cybersecurity
    • DeFi & Blockchain
    • Finance
    • Gaming
    • Startups
    • Tech
  • Industry
  • Research
  • Resources
    • Articles
    • Guides
    • Case Studies
    • Whitepapers
    • AI Models Leaderboard
  • AI toolsNEW
  • Newsletter
  • + More
    • Glossary
    • Conversations
    • Events
    • About
      • Who we are
      • Contact
      • Imprint
      • Legal & Privacy
      • Partner With Us
Subscribe
No Result
View All Result
  • AI
  • Tech
  • Cybersecurity
  • Finance
  • DeFi & Blockchain
  • Startups
  • Gaming
Dataconomy
  • News
    • Artificial Intelligence
    • Cybersecurity
    • DeFi & Blockchain
    • Finance
    • Gaming
    • Startups
    • Tech
  • Industry
  • Research
  • Resources
    • Articles
    • Guides
    • Case Studies
    • Whitepapers
    • AI Models Leaderboard
  • AI toolsNEW
  • Newsletter
  • + More
    • Glossary
    • Conversations
    • Events
    • About
      • Who we are
      • Contact
      • Imprint
      • Legal & Privacy
      • Partner With Us
Subscribe
No Result
View All Result
Dataconomy
No Result
View All Result

Clop ransomware just made your file transfers a security minefield

Following the attack, the Cybersecurity and Infrastructure Security Agency (CISA) confirmed the exploitation of CVE-2024-50623 in recent ransomware activities

byKerem Gülen
December 16, 2024
in News, Cybersecurity
Home News
Share on FacebookShare on TwitterShare on LinkedInShare on WhatsAppShare on e-mail
Google Preferred Source

The Clop ransomware gang has claimed responsibility for recent data theft attacks against Cleo, utilizing zero-day vulnerabilities in the company’s file transfer platforms. Cleo’s managed file transfer software—Cleo Harmony, VLTrader, and LexiCom—was targeted, enabling hackers to steal sensitive corporate data.

Clop ransomware targets Cleo data transfer platforms

In October 2023, Cleo addressed a security flaw identified as CVE-2024-50623, which allowed unrestricted file uploads and downloads, potentially leading to remote code execution attacks. However, a cybersecurity firm, Huntress, discovered that the original patch was ineffective, and attackers managed to exploit a bypass, resulting in ongoing data breaches. This breach included the uploading of a JAVA backdoor, which facilitated data theft and granted hackers further access to compromised networks.

Following the attack, the Cybersecurity and Infrastructure Security Agency (CISA) confirmed the exploitation of CVE-2024-50623 in recent ransomware activities. Cleo has not publicly acknowledged the exploitation of the vulnerability that was reportedly patched. While initial assessments linked these attacks to a new group named Termite, further investigation aligned them more closely with the activities of Clop.

Stay Ahead of the Curve!

Don't miss out on the latest insights, trends, and analysis in the world of data, technology, and startups. Subscribe to our newsletter and get exclusive content delivered straight to your inbox.

The Clop ransomware group, also known as TA505 and Cl0p, has a track record of exploiting vulnerabilities in secure file transfer platforms. This strategy became prominent in 2020, beginning with a zero-day exploit in the Accellion FTA, impacting nearly one hundred organizations. In 2021, the group leveraged a zero-day vulnerability in SolarWinds Serv-U FTP software, further establishing its focus on these types of attacks.

In 2023, Clop employed a similar tactic against the GoAnywhere MFT platform, which allowed them to compromise data from more than 100 companies. Their most notorious operation involved exploiting a vulnerability in the MOVEit Transfer platform, resulting in data breaches across 2,773 organizations. The current attacks on Cleo are yet another chapter in Clop’s ongoing campaign targeting file transfer solutions, raising significant concerns among enterprises utilizing these platforms.


Hackers use US Marshals ransomware to steal secret documents from The U.S.


Cleo has remained largely silent regarding the extent of the impact, and it remains unclear how many organizations have been affected by the recent breaches. Reports indicate that Clop is focusing on new extortion efforts related to the recent Cleo attacks, declaring their intent to delete data associated with previous victims. A message from Clop’s extortion site stated that links to prior victim data would be disabled, with an emphasis on dealing only with new companies targeted in the Cleo exploits.

The United States State Department is pursuing Clop, linking them to foreign state actors and has issued a bounty of $10 million for information that leads to their capture.

“As for CLEO, it was our project (including the previous cleo) – which was successfully completed. All the information that we store, when working with it, we observe all security measures. If the data is government services, institutions, medicine, then we will immediately delete this data without hesitation (let me remind you about the last time when it was with moveit – all government data, medicine, clinics, data of scientific research at the state level were deleted), we comply with our regulations. with love © CL0P^_,” Clop told BleepingComputer.


Featured image credit: Wesley Ford/Unsplash

Tags: Cybersecurityransomware

Related Posts

OpenAI retires Atlas browser to focus on new ChatGPT superapp

OpenAI retires Atlas browser to focus on new ChatGPT superapp

July 14, 2026
Microsoft tests Copilot’s new PC insights feature in Windows 11

Microsoft tests Copilot’s new PC insights feature in Windows 11

July 14, 2026
Xiaomi unveils SkyNomad N90 range-extender SUV

Xiaomi unveils SkyNomad N90 range-extender SUV

July 14, 2026
X algorithm update aims to make replies feel friendlier

X algorithm update aims to make replies feel friendlier

July 14, 2026
Windows 11 Search Box gets less clutter and more control

Windows 11 Search Box gets less clutter and more control

July 14, 2026
Pixel 11 leak shows bold magenta and peach colors

Pixel 11 leak shows bold magenta and peach colors

July 14, 2026

LATEST NEWS

OpenAI retires Atlas browser to focus on new ChatGPT superapp

Microsoft tests Copilot’s new PC insights feature in Windows 11

Xiaomi unveils SkyNomad N90 range-extender SUV

X algorithm update aims to make replies feel friendlier

Windows 11 Search Box gets less clutter and more control

Pixel 11 leak shows bold magenta and peach colors

BEST AI MODELS LEADERBOARD

See the best AI models, ranked by intelligence, benchmark results, speed and token price. Find the most suitable LLMs, Text-to-Image, Image Editing, Text-to-Speech, Text-to-Video and Image-to-Video  artificial intelligence model for your tasks and business.

LATEST TOOLS

Mootion

Legacy AI

Copyseeker

ProPhotos

Kuki AI

Create

RemodelAI

AItwitch

Vadoo AI

Greptile AI

Dataconomy

COPYRIGHT © DATACONOMY MEDIA GMBH, ALL RIGHTS RESERVED.

  • About
  • Imprint
  • Contact
  • Legal & Privacy

Follow Us

  • News
    • Artificial Intelligence
    • Cybersecurity
    • DeFi & Blockchain
    • Finance
    • Gaming
    • Startups
    • Tech
  • Industry
  • Research
  • Resources
    • Articles
    • Guides
    • Case Studies
    • Whitepapers
    • AI Models Leaderboard
  • AI tools
  • Newsletter
  • + More
    • Glossary
    • Conversations
    • Events
    • About
      • Who we are
      • Contact
      • Imprint
      • Legal & Privacy
      • Partner With Us
No Result
View All Result
Subscribe

This website uses cookies to improve your experience. You can choose to accept or reject them. Visit our Privacy Policy.