CL0P Ransomware Claims 3 Prominent Victims In Alleged Attack


The CL0P ransomware group has listed 3 additional victims on its leak site. The mentioned victims include: McKinley Packing, Pilot and the Pinnacle Engineering Group.

McKinley Packing is a firm that provides paper and packaging company across the United States of America, with its production and distribution network operating in multiple different states.

The Pilot Corporation, founded in 1918, is a Japan-based manufacturer of writing instruments. The company has subsidiaries in Europe, Asia, South America and North America.

The Pinnacle Engineering Group (P.E.G.) offers civil engineering, construction, land surveying, landscape architecture, and drone services to private developers and government agencies.

No Confirmation Yet of CL0P Ransomware Group’s Claims

While the group has listed basic information and description about the firms, while linking to their official websites, the group has not provided larger context or details regarding the attack.

However, along with their descriptions the group also claimed that these companies did not care about their victims and ignored security practices. These targets while unconfirmed, operate with millions of dollars in annual revenue and span across multiple territories.

As CL0P listed the American branch of Pilot in its description of the attack, it is possible that the attack was likely focused on the American region and did not impact its main Japanese headquarters or other regional subsidiaries.

It did not list headquarters nor physical address for its other victims, making details about the attack further unclear.

CL0P Ransomware Pilot Pen
Source: X.com (@ZephrFish)

The group shared no sample files or screenshots to further their claims, nor was their a mention of the scope or details stolen from the attacks, making it difficult to determine the extent of the alleged claims.

The Cyber Express Team has reached out to both the American branch of Pilot Corporation as well as McKinley packaging for further details and confirmation about the attacks. However, no response has been received yet at the time of writing this article.

CL0P Ransomware Group Has a History of Striking Prominent Targets

The CL0P ransomware group, being one of the most prominent ransomware groups, is known for it’s attacks on high-profile targets as well as the extent of data stolen in their operations.

Last year in 2023, the group was responsible for massive data breach attacks on several different organizations through the exploitation of the MOVEit Vulnerability.

This campaign prompted the Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) to issue a joint cybersecurity advisory (CSA) to disseminate the IOCs and TTPs associated in CL0P’s operations through FBI investigations.

Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.



Source link