Cl0p criminal group responsible for MOVEit cyber-attack spree

The Cl0p ransomware organization is a criminal group that started perpetrating data-stealing cyberattacks against several institutions and private companies at the end of May 2023. Since last June 14, Cl0p has published the names of several victims on the leak site they have on the Dark Web, claiming to be responsible for the exploitation of a 0day vulnerability in the MOVEit file transfer software.

Ransomware-as-a-Service or RaaS is the type of operation used by Cl0p. This involves leasing malware to affiliates in exchange for a certain percentage of the ransom payment. The criminal organization uses a strategy known as "double extortion," in which they steal and encrypt their victims' data, refuse to restore access to the data, and then publish the extracted data if the ransom is not paid.

The list currently published has grown to 82 names, affecting companies, federal government agencies and local state agencies, leading to widespread leaks that have exposed the confidential data of millions of people.