Clop Ransomware Claims Responsibility for Cleo Data Breaches
/ 1 min read
🕵️♂️ Clop ransomware gang claims responsibility for Cleo data theft attacks. The Clop ransomware group has confirmed its involvement in recent data theft incidents targeting Cleo’s managed file transfer platforms, exploiting a critical vulnerability (CVE-2024-50623) that allowed unauthorized file access. Despite Cleo’s attempts to patch the flaw, cybersecurity firm Huntress revealed that attackers were still able to exploit a bypass, uploading a JAVA backdoor to facilitate data theft. Clop announced it would delete data from previous breaches and focus on new victims, while the extent of the impact on companies remains unclear. The U.S. State Department has placed a $10 million bounty for information linking Clop’s activities to foreign governments.
