- Upgrade to Microsoft Office Pro and Windows 11 Pro with this bundle for 87% off
- Get 3 months of Xbox Game Pass Ultimate for 28% off
- Buy a Microsoft Project Pro or Microsoft Visio Pro license for just $18 with this deal
- How I optimized the cheapest 98-inch TV available to look and sound incredible (and it's $1,000 off)
- The best blood pressure watches of 2024
Clop Gang Offers Data Downloads Via Torrents
The Clop ransomware group has begun offering access to data stolen in MOVEit attacks via torrents, it has emerged.
Security researcher Dominic Alvieri revealed the news on Twitter, with screenshots showing several big-name victims whose data is being made available via P2P sharing.
Among the corporate names on that list were investment firm Putnam, Iron Bow Technologies and insurance company Delaware Life. Management consultancy Aon, Zurich Brazil and United Healthcare Student Resources were also featured.
The move by Clop is likely due to the fact that large data dumps can be slow to download, eroding the value threat actors get by sharing them on leak sites.
The group included handy instructions on how to use torrent clients, alongside data on roughly 20 compromised organizations.
This isn’t the first time Clop has experimented with new ways to make its stolen data more accessible. The group previously created surface web sites dedicated to specific breached organizations like PwC.
Read more on Clop: Critical Zero-Day Flaw Exploited in MOVEit Transfer
Ransomware groups are constantly innovating to improve their reputation and monetization of attacks. Another area of interest is notification of the victims themselves.
One group recently hijacked the mass alert system of a Virginian university to pressure staff and students to lobby the institution’s administrators to pay.
Clop managed to compromise hundreds of victims after exploiting a zero-day bug in the MOVEit managed file transfer software.
Millions of end users have been impacted. Most recently, Virginian government contractor Maximum admitted that between eight and 11 million individuals may have had their personal information compromised via the campaign.