• Skip to main content
  • Skip to header right navigation
  • Skip to site footer
Restore Privacy

Restore Privacy

Resources to stay safe and secure online

  • News
  • Tools
    • Secure Browser
    • VPN
    • Ad Blocker
    • Secure Email
    • Private Search Engine
    • Data Removal
      • Incogni Review
    • Password Manager
    • Secure Messaging App
    • Tor
    • Identity Theft Protection
    • Unblock Websites
    • Privacy Tools
  • Email
    • Secure Email
    • ProtonMail Review
    • Tutanota Review
    • Mailfence Review
    • Mailbox.org Review
    • Hushmail Review
    • Posteo Review
    • Fastmail Review
    • Runbox Review
    • CTemplar Review
    • Temporary Disposable Email
    • Encrypted Email
    • Alternatives to Gmail
  • VPN
    • What is VPN
    • VPN Reviews
      • NordVPN Review
      • Surfshark VPN Review
      • VyprVPN Review
      • Perfect Privacy Review
      • ExpressVPN Review
      • CyberGhost Review
      • AVG VPN Review
      • IPVanish Review
      • Hotspot Shield VPN Review
      • ProtonVPN Review
      • Atlas VPN Review
      • Private Internet Access Review
      • Avast VPN Review
      • TorGuard Review
      • PrivadoVPN Review
    • VPN Comparison
      • NordVPN vs ExpressVPN
      • NordVPN vs PIA
      • IPVanish vs ExpressVPN
      • CyberGhost vs NordVPN
      • Surfshark vs NordVPN
      • IPVanish vs NordVPN
      • ExpressVPN vs PIA
      • VyprVPN vs NordVPN
      • CyberGhost vs ExpressVPN
      • NordVPN vs HideMyAss
      • ExpressVPN vs ProtonVPN
      • Atlas VPN vs NordVPN
      • ExpressVPN vs Surfshark
      • NordVPN vs Proton VPN
      • Surfshark vs CyberGhost
      • Surfshark vs IPVanish
    • Best VPNs
      • Best VPN for Torrenting
      • Best VPN for Netflix
      • Best Free VPN
      • VPN for Firestick TV
      • Best VPN for Android
      • Best VPN for Gaming
      • Best VPN for PC
      • Best VPN for Disney Plus
      • Best VPN for Hulu
      • Best VPN for Mac
      • Best VPN for Streaming
      • Best VPN for Windows
      • Best VPN for iPhone
    • VPN Coupons
      • ExpressVPN Coupon
      • NordVPN Coupon
      • Cyber Monday VPN Deals
      • NordVPN Cyber Monday
      • Surfshark VPN Cyber Monday
      • ExpressVPN Cyber Monday
    • VPN Guides
      • Free Trial VPN
      • Cheap VPNs
      • Static IP VPN
      • VPN Ad Blocking
      • No Logs VPN
      • Best VPN Chrome
      • Best VPN Reddit
      • Split Tunneling VPN
      • VPN for Binance
      • WireGuard VPN
      • VPN for Amazon Prime
      • VPN for Linux
      • VPN for iPad
      • VPN for Firefox
      • VPN for BBC iPlayer
    • By Country
      • Best VPN Canada
      • Best VPN USA
      • Best VPN UK
      • Best VPN Australia
      • VPN for Russia
    • VPN Router
  • Password
    • Best Password Managers
    • Comparisons
      • NordPass vs 1Password
      • 1Password vs LastPass
      • NordPass vs LastPass
      • RoboForm vs NordPass
      • 1Password vs Bitwarden
      • Dashlane vs NordPass
      • 1Password vs Dashlane
      • NordPass vs Bitwarden
    • KeePass Review
    • NordPass Review
    • 1Password Review
    • Dashlane Review
    • RoboForm Review
    • LastPass Review
    • Bitwarden Review
    • Strong Password
  • Storage
    • Best Cloud Storage
    • pCloud Review
    • Nextcloud Review
    • IDrive Review
    • SpiderOak Review
    • Sync.com Review
    • MEGA Cloud Review
    • NordLocker Review
    • Tresorit Review
    • Google Drive Alternatives
  • Messenger
    • Secure Messaging Apps
    • Signal Review
    • Telegram Review
    • Wire Review
    • Threema Review
    • Session Review
  • Info
    • Mission
    • Press
    • Contact
  • News
  • Tools
    • Secure Browser
    • VPN
    • Ad Blocker
    • Secure Email
    • Private Search Engine
    • Data Removal
      • Incogni Review
    • Password Manager
    • Secure Messaging App
    • Tor
    • Identity Theft Protection
    • Unblock Websites
    • Privacy Tools
  • Email
    • Secure Email
    • ProtonMail Review
    • Tutanota Review
    • Mailfence Review
    • Mailbox.org Review
    • Hushmail Review
    • Posteo Review
    • Fastmail Review
    • Runbox Review
    • CTemplar Review
    • Temporary Disposable Email
    • Encrypted Email
    • Alternatives to Gmail
  • VPN
    • What is VPN
    • VPN Reviews
      • NordVPN Review
      • Surfshark VPN Review
      • VyprVPN Review
      • Perfect Privacy Review
      • ExpressVPN Review
      • CyberGhost Review
      • AVG VPN Review
      • IPVanish Review
      • Hotspot Shield VPN Review
      • ProtonVPN Review
      • Atlas VPN Review
      • Private Internet Access Review
      • Avast VPN Review
      • TorGuard Review
      • PrivadoVPN Review
    • VPN Comparison
      • NordVPN vs ExpressVPN
      • NordVPN vs PIA
      • IPVanish vs ExpressVPN
      • CyberGhost vs NordVPN
      • Surfshark vs NordVPN
      • IPVanish vs NordVPN
      • ExpressVPN vs PIA
      • VyprVPN vs NordVPN
      • CyberGhost vs ExpressVPN
      • NordVPN vs HideMyAss
      • ExpressVPN vs ProtonVPN
      • Atlas VPN vs NordVPN
      • ExpressVPN vs Surfshark
      • NordVPN vs Proton VPN
      • Surfshark vs CyberGhost
      • Surfshark vs IPVanish
    • Best VPNs
      • Best VPN for Torrenting
      • Best VPN for Netflix
      • Best Free VPN
      • VPN for Firestick TV
      • Best VPN for Android
      • Best VPN for Gaming
      • Best VPN for PC
      • Best VPN for Disney Plus
      • Best VPN for Hulu
      • Best VPN for Mac
      • Best VPN for Streaming
      • Best VPN for Windows
      • Best VPN for iPhone
    • VPN Coupons
      • ExpressVPN Coupon
      • NordVPN Coupon
      • Cyber Monday VPN Deals
      • NordVPN Cyber Monday
      • Surfshark VPN Cyber Monday
      • ExpressVPN Cyber Monday
    • VPN Guides
      • Free Trial VPN
      • Cheap VPNs
      • Static IP VPN
      • VPN Ad Blocking
      • No Logs VPN
      • Best VPN Chrome
      • Best VPN Reddit
      • Split Tunneling VPN
      • VPN for Binance
      • WireGuard VPN
      • VPN for Amazon Prime
      • VPN for Linux
      • VPN for iPad
      • VPN for Firefox
      • VPN for BBC iPlayer
    • By Country
      • Best VPN Canada
      • Best VPN USA
      • Best VPN UK
      • Best VPN Australia
      • VPN for Russia
    • VPN Router
  • Password
    • Best Password Managers
    • Comparisons
      • NordPass vs 1Password
      • 1Password vs LastPass
      • NordPass vs LastPass
      • RoboForm vs NordPass
      • 1Password vs Bitwarden
      • Dashlane vs NordPass
      • 1Password vs Dashlane
      • NordPass vs Bitwarden
    • KeePass Review
    • NordPass Review
    • 1Password Review
    • Dashlane Review
    • RoboForm Review
    • LastPass Review
    • Bitwarden Review
    • Strong Password
  • Storage
    • Best Cloud Storage
    • pCloud Review
    • Nextcloud Review
    • IDrive Review
    • SpiderOak Review
    • Sync.com Review
    • MEGA Cloud Review
    • NordLocker Review
    • Tresorit Review
    • Google Drive Alternatives
  • Messenger
    • Secure Messaging Apps
    • Signal Review
    • Telegram Review
    • Wire Review
    • Threema Review
    • Session Review
  • Info
    • Mission
    • Press
    • Contact

Ukrainian Police Arrest Cl0p Ransomware Suspects Responsible for $500 Million in Damages

June 21, 2021 By RestorePrivacy Team — 1 Comment
Cl0p hackers arrested ransomware cybercrime

Ukrainian police announced they have arrested six people suspected of being members of the “Cl0p” ransomware gang. The Cl0p group has wreaked cybersecurity havoc on businesses and governments alike, with an estimated $500 million in damages from their ransomware.

The operation was conducted by Ukranianan authorities, in collaboration with law enforcement from South Korea, United States, and Interpol.

The Ukrainian National Police stated on Wednesday that they were able to arrest 6 members from the ransomware gang and conducted 21 searches in the homes of the defendants and in their cars. Electronic devices, cars and about 5m Hryvnias ($184,000) in cash were confiscated.

Cl0p Ransomware Gang Arrested Ukrane
Ukrainian police seized about $184,000 in cash, along with cars and electronic devices in the arrest of the suspected Cl0p members.

Ukrainian police published a video of the operation, which shows law enforcements entering homes, conducting searches, and seizing the suspects’ belongings.

Ukrainian authorities claim that Cl0p operators have caused more than $500 million in financial damages over the years. The Cl0p ransomware has been around since 2019, but has gained notoriety over the past year. This is caused by their increasing volume of their attacks and hitting dozens of victims by encrypting the files and demanding ransom.

Energy giant Shell, the Reserve Bank of New Zealand and multiple universities and organizations have fallen victim to Cl0p operators. For the past few months, Cl0p operators were able to hack these companies because of the vulnerabilities in Accellion’s File Transfer Appliance, essentially a dedicated computer used to move large and sensitive files within a network.

What is Cl0p?

Cl0p is thought to be an Eastern European cybercriminal gang responsible for large ransomware attacks and has been active since 2019. It appears the group may be associated with TA505 and FIN11, with similar malware.

Cl0p is one of several ransom gangs that use double extortion. With double extortion, threat actors go beyond just encrypting the file, they actually threaten to publicize the encrypted data and/or leak all the data online. This allows the gangs to demand two ransoms: one for the key to decrypt the file and a second one to avoid having the data published. Most of these ransomware gangs have their own dedicated data leak website where they will publish the leaked data if the ransom is not paid.

Cl0p published the name of the companies, and the sample of its stolen data, on its website, CL0p^- LEAKS. The data will be removed as soon as the ransom is paid.

Cl0p ransomware data leak

Now let’s see how Clop ransomware is tied in with Accellion.

Accellion data breaches and Clop

For the last couple of months, Cl0p has been exploiting the vulnerability in Accellion’s File Transfer Appliance, resulting in dozens of attacks on major companies. Clop stole data from companies that relied on Accellion’s legacy file transfer Appliance and exploited the vulnerability.

So how does this process work with a threat actor?

Cl0p contacts the breached companies through email, offering to negotiate a payment before leaking any data. If the company pays quickly, they will not leak any data, sometimes they even show proof that they have deleted the sensitive data.

“Based on multiple cases the Cl0p operators seem to be professional, respectful and that they even sometimes offer discounts.” according to Kimberly Goody, the manager of the financial crime analysis team at FireEye.

Is Cl0p still going to be active after the latest arrests?

Unfortunately, despite the arrests, the CL0P ransomware gang is still in operation, according to cybersecurity firm Intel 471. Intel 471 suspects that the police raid primarily affected CL0P’s money-laundering business. “We do not believe any of the main actors behind CL0P were caught, as they are probably living in Russia. The overall impact on CL0P is expected to be modest.”

However, the arrests also represent the second time in weeks that authorities have targeted a cybercrime gang by following the money. In early June, the US Department of Justice announced that it had seized most of the ransom paid to Colonial Pipeline hackers. This is a step in the right direction in the fight against ransomware gangs and cybercrime.

RestorePrivacy recommendations:

  • Regularly update your systems, software, and applications
  • Monitor any warning of suspicious behavior with all accounts
  • Only use trusted antivirus and malware software

Related:

What is Ransomware

About RestorePrivacy Team

The mission of RestorePrivacy is to give you all the information and tools you need to restore your online privacy, secure your electronic devices, and stay safe online. We cover breaking news in the privacy and security space, while also publishing in-depth guides and reviews.

Reader Interactions

Comments

  1. BoBeX

    June 25, 2021

    Hi RP,

    An out take of this article is the need to update all software on a PC. Considering Win 10, what is the best way to to update one’s software?

    Searching this, I found many advisories on how to update Win 10 – I was like I’ve got this, automatic updates; then MS Software Store – automatic updates – I’ve got this;

    The question arises about software that is not in the MS ecosystem? Where MS is not managing this – how do I manage this?

    This is advised often and solutions are infrequently provided.

    I have heard of “chocolatey,” what are the RP teams’ thoughts?

    Regards,

    BoBeX

    Reply

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Sidebar

Digital Privacy Essentials:
Secure Browsers
Private Search Engines
Secure Email
Best Password Managers
Secure Messaging Services
Best Ad Blockers
Best VPN Services
Secure Cloud Storage

Privacy & Security Guides:
Privacy Tools
Alternatives to Google Products
Firefox Privacy Modifications
Five Eyes, 9 Eyes, 14 Eyes Spying
Browser Fingerprinting
Is Tor Safe?
Alternatives to Gmail
VPN vs Tor
Alternatives to WhatsApp
Is Your Antivirus Spying on You?
Controlling Communication Channels is Crucial for Privacy
Anonymity Networks: VPNs, Tor, and I2P
How to Really Be Anonymous Online
Private and Anonymous Payments

Secure Email Reviews:
ProtonMail Review
Tutanota Review
Mailfence Review
Mailbox.org Review
Hushmail Review
Posteo Review
Fastmail Review
Runbox Review
CTemplar Review
Temporary Email Services
Encrypted Email

Password Manager Reviews:
Bitwarden Review
LastPass Review
KeePass Review
NordPass Review
Dashlane Review
1Password Review
Best Password Managers

Secure Messaging App Reviews:
Wire Review
Signal Review
Threema Review
Telegram Review
Session Review
Wickr Review

Secure Cloud Storage Reviews
Tresorit Review
MEGA Cloud Review
Sync.com Review
Nextcloud Review
IDrive Review
pCloud Review
SpiderOak Review
NordLocker Review

How To Guides
How to Encrypt Files on Windows
How to Encrypt Email
How to Configure Windows 10 for Privacy
How to use Two-Factor Authentication (2FA)
How to Secure Your Android Device for Privacy
How to Secure Your Home Network
How to Protect Yourself Against Identity Theft
How to Unblock Websites
How to Fix WebRTC Leaks
How to Test Your VPN
How to Hide Your IP Address
How to Create Strong Passwords
How to Really Be Anonymous Online

About RestorePrivacy

Contact

Restore Privacy Checklist

  1. Secure browser: Modified Firefox or Brave
  2. VPN: NordVPN (68% Off Coupon) or Surfshark
  3. Ad blocker: uBlock Origin or AdGuard
  4. Secure email: Mailfence or Tutanota
  5. Secure Messenger: Signal or Threema
  6. Private search engine: MetaGer or Brave
  7. Password manager: NordPass or Bitwarden

About

Restore Privacy is a digital privacy advocacy group committed to helping people stay safe and secure online. You can support this project through donations, purchasing items through our links (we may earn a commission at no extra cost to you), and sharing this information with others. See our mission here.

We’re available for Press and media inquiries here.

Restore Privacy is also on Twitter

COPYRIGHT © 2023 RESTORE PRIVACY, LLC · PRIVACY POLICY · TERMS OF USE · CONTACT · SITEMAP