After shutting down their entire operation for several months, between November and February, the Cl0p ransomware is now back.
The surge in activity was noticed after the ransomware group added 21 new victims to their data leak site within a single month of April.
Cl0p has became very active comparing to itself in the past. Comparing other ransomware groups in April: Lockbit 2.0 has published 103 victims and Conti – 45 victims, victims of CL0P increased massively, from 1 to 21.
Clop’s most targeted sector was the industrial sector, with 45% of Clop ransomware attacks hitting industrial organizations and 27% targeting tech companies.
Knowing the ransomware group’s most targeted sectors, companies should consider the possibility of being this gang’s next target and prepare accordingly.
However, despite already leaking data from almost two dozen victims, the ransomware group doesn’t seem very active based on the number of submissions on the ID Ransomware service.
The list of companies that had their servers hacked by Cl0p in the past includes, among others, energy giant Shell, cybersecurity firm Qualys, supermarket giant Kroger, and multiple universities worldwide (the University of Colorado, University of Miami, Stanford Medicine, University of Maryland Baltimore (UMB), and the University of California.)
Your data might already be exposed. Most companies find out too late. Let ’s change that. Trusted by 100+ security teams.
🚀Ask for a demo NOW →Q: What is dark web monitoring?
A: Dark web monitoring is the process of tracking your organization’s data on hidden networks to detect leaked or stolen information such as passwords, credentials, or sensitive files shared by cybercriminals.
Q: How does dark web monitoring work?
A: Dark web monitoring works by scanning hidden sites and forums in real time to detect mentions of your data, credentials, or company information before cybercriminals can exploit them.
Q: Why use dark web monitoring?
A: Because it alerts you early when your data appears on the dark web, helping prevent breaches, fraud, and reputational damage before they escalate.
Q: Who needs dark web monitoring services?
A: MSSP and any organization that handles sensitive data, valuable assets, or customer information from small businesses to large enterprises benefits from dark web monitoring.
Q: What does it mean if your information is on the dark web?
A: It means your personal or company data has been exposed or stolen and could be used for fraud, identity theft, or unauthorized access immediate action is needed to protect yourself.