Back in business: Cl0p grouping is back


The return of the Cl0p grouping is indicated by a new report by the NCC Group. Researchers noticed a sharp jump in the number of victims: from 1 victim in March to 21 in April. Like the infamous Conti and Lockbit cyber-ransomware gangs, Cl0p targets the industrial and technology sectors.

“The growth of Cl0p activity indicates the group’s return to the cybercrime arena. Organizations from the industrial and technology sectors are advised to be aware of a possible ransomware attack and be prepared for it,” said Matt Hull, head of Threat Analysis at NCC Group.

Such a revival speaks only about one thing – the gang has recovered from last year’s blow of the Ukrainian police. The arrest of several hackers associated with Cl0p was not enough to force the attackers to completely cease their activities.

The Cl0p gang is considered “big game hunters”, the list of its victims includes the oil industry giant Shell, the American bank Flagstar, Samsung and Nvidia.

Recall that recently reports began to arrive about the possible return of another group – REvil. Its methods have changed, now the group puts forward not only monetary, but also political demands.

Start a discussion …