fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

Ukraine Arrests Clop Ransomware Gang Members, Seizes Servers

Ukraine Arrests Clop Ransomware Gang Members, Seizes Servers

Ukrainian law enforcement arrested cybercriminals associated with the Clop ransomware gang and shut down infrastructure used in attacks targeting victims worldwide since at least 2019.

According to the Cyberpolice Department of the National Police of Ukraine the ransomware group is behind total financial damages of roughly $500 million.

“Together, law enforcement has managed to shut down the infrastructure from which the virus spreads and block channels for legalizing criminally acquired cryptocurrencies,” Ukrainian authorities said.

“Law enforcement officers conducted 21 searches in the capital and Kyiv region, in the homes of the defendants, and in their cars.”

“The defendants face up to eight years in prison. Investigative actions continue. Procedural guidance is provided by the Office of the Prosecutor General of Ukraine.”

Based on Ukrainian police’s press release, it is not yet clear if the arrested individuals are affiliates or core members of the ransomware operation.

The cybercriminals were arrested following an international operation in conjunction with law enforcement officers from the United States and the Republic of Korea.

Also Read: PDPA Singapore Guidelines: 16 Key Concepts For Your Business

Cybersecurity company Intel 471 told BleepingComputer that the Ukrainian authorities arrested only individuals involved in laundering money for the Clop gang since its core members are likely out of harm’s way in Russia.

“The law enforcement raids in Ukraine associated with CLOP ransomware were limited to the cash-out/money laundering side of CLOP’s business only,” Intel 471 said.

“We do not believe that any core actors behind CLOP were apprehended and we believe they are probably living in Russia.

“The overall impact to CLOP is expected to be minor although this law enforcement attention may result in the CLOP brand getting abandoned as we’ve recently seen with other ransomware groups like DarkSide and Babuk.”

Clop ransomware operation’s previous activity

In addition to encrypting attacks, the Clop ransomware gang was linked to the recent wave of Accellion data breaches which led to a drastic increase in average ransom payments calculated for the first three months of 2021.

While as part of regular ransomware attacks the victims’ data is encrypted, Clop’s attacks did not encrypt a single byte but instead exfiltrated large amounts of data from high-profile companies that used Accellion’s legacy File Transfer Appliance (FTA).

The gang used the stolen data as leverage to extort the compromised companies with high ransom demands.

Starting with January, BleepingComputer reported Clop attacks abusing Accellion to breach:

Clop also claimed to have stolen 2 million credit cards from Korean retailer E-Land’s servers using point-of-sale (POS) malware before deploying ransomware on their network one year later, in November 2020.

Previously, Clop ransomware was behind attacks on Maastricht UniversitySoftware AG ITExecuPharm, and Indiabulls.

Clop’s Tor payment site and data leak site are still operational, so it looks like the Clop ransomware operation has not been completely shut down at this time.

Also Read: Data Protection Officer Singapore | 10 FAQs

BleepingComputer has reached out to the FBI for comment on their involvement in the investigation but had not heard back at the time of this publication.

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us