• Sat. Oct 14th, 2023

MOVEit & Clop: 60M Held Hostage

Avatar photo

ByEsme Greene

Sep 21, 2023
MOVEit & Clop: 60M Held Hostage
Esme Greene
Latest posts by Esme Greene (see all)

The ongoing exploitation of vulnerabilities within MOVEit Transfer software has swiftly evolved into the most significant cyberattack of the present year. Cybersecurity firm Emsisoft has revealed that over 1,000 victims have fallen victim to the MOVEit breach, marking not only the largest breach of 2023, but also one of the most substantial in recent memory.

Clop Hack: Unleashing May’s Vulnerability Avalanche

This series of events originated in May when Progress publicly disclosed a zero-day vulnerability in MOVEit Transfer, a platform utilized by numerous organizations to securely transmit sensitive data online. This vulnerability opened the door for attackers, including the Clop hacker group, to infiltrate MOVEit Transfer servers and exfiltrate customer data.

Subsequently, Clop has persisted with attacks and threats of exposing stolen data unless a ransom is paid.

Key statistics regarding the situation:

  • As of August 25, Emsisoft has recorded over 60 million victims.
  • The majority of victims, at 83.9%, hail from the United States, trailed by Germany (3.6%), Canada (2.6%), and the United Kingdom (2.1%).
  • In July, Maximus confirmed that hackers had accessed the confidential health data of 11 million individuals.
  • IBM estimates the collective financial toll of the incident to be nearly $10 billion.
  • Researchers speculate that Clop might have been aware of the MOVEit vulnerability as far back as 2021.
  • In a bid to gather information about Clop, the U.S. State Department is offering a $10 million reward.
  • Coveware approximates that Clop could potentially amass up to $100 million from these hacks.

On its “Dark Web” platform, Clop asserts that it refrains from storing government or municipal data, asserting its pursuit is purely financially motivated.

Avatar photo

Esme Greene

Esme brings a wealth of knowledge and experience to our website, specializing in all aspects of DarkWeb security. With a deep understanding of the intricate workings of the DarkWeb and its associated cybersecurity risks, Esme curates insightful and informative content for our readers.