Clop ransomware lists Cleo cyberattack victims
techradar.com
- Hackers were recently spotted abusing a flaw in multiple Cleo software tools
- Cl0p ransomware gang took responsibility for the attack
- The group has started listing victims on its website
The prolific ransomware threat actor Cl0p has added partial names of some of the companies that were successfully targeted through bugs in Cleo software. This is likely part of its pressure tactic, as it tries to extort money from its victims.
In early December this year, news broke that multiple managed file transfer tools from the same developer called Cleo Software were being abused to launch attacks and possibly steal data. At the time, cybersecurity researchers at Huntress claimed LexiCom, VLTransfer, and Harmony were all vulnerable to CVE-2024-50623, an unrestricted file upload and download vulnerability that could lead to remote code execution.
Cleo allegedly released a patch in October which didn’t entirely fix the issue, leaving the doors open to ...
Copyright of this story solely belongs to techradar.com . To see the full text click HERE