The Clop ransomware gang seems to be unbothered after recent arrests as the group resumed business as there are new sets of personal data on the group's data leak site once again.
In June, a sting operation by the National Police of Ukraine, the USA, and the Korean National Police Agency led to the arrest of some Clop ransomware group members.
Clop Ransomware Operation - The Arrest
According to Bleeping Computer, the Ukrainian Police shared a video that showed numerous law enforcement agents searching homes, seizing properties, and arresting several Clop members.
The report mentioned that 500 million Ukrainian hryvnias, documents, computer equipment, and high-end cars like Mercedes and Teslas were seized during the operation.
The press statement also mentioned that the law enforcement agencies' collaboration led to the infrastructure shutdown. The virus started to spread, and even block channels that legalize criminally acquired cryptocurrencies.
Clop - The Comeback
The arrest forced Clop's ransomware operation to take a halt -- for a week.
On Tuesday, June 22, the ransomware gang rose back into action by releasing private data of two victims on their website filled with ransomware data leaks.
Bleeping Computer stated that the continuity of Clop's ransomware operations is probably because the previous arrests only targeted the money laundering aspect of the gang. As a result, the primary members of the ransomware gang were not apprehended, which means that key members of the cybercrime group still organized crimes despite the arrests.
Law enforcement believed that they could not arrest critical members of the gang, as they probably reside in Russia.
Overall, the arrests hardly impacted Clop's business. It is only a minor setback, but it might affect the gang deeper than expected. The arrests might result in the gang's brand being abandoned -- similar to other ransomware gangs like Babuk and DarkSide.
The Clop Ransomware Operations
The Clop ransomware group had its humble beginnings in March 2019. The gang's first major cybercrime operation targeted the victim using a CryptoMix ransomware variant.
Since then, the ransomware hacking group gained a significant foothold in the ransomware industry. It is responsible for various large-scale ransomware attacks, including Indiabulls, ExecuPharma, Maastricht University, and Software AG IT.
The group's most recent ransomware operation involved stealing a massive chunk of data from Accellion FTA file transfer devices. The gang used a zero-day vulnerability, and threatened to release the data gathered if the companies would not pay them at least $10 million.
Clop managed to get their hands on data from cybersecurity firm Qualys, energy giant Shell, University of Miami, University of California, Flagstar Bank, and others.
The Ukrainian Police reported that the damage that Clop has caused might reach $500 million so far.
This article is owned by Tech Times
Written by Fran Sanders