Clop ransomware operators are switching to a new tactic to force victims into paying the ransom by emailing their customers and asking them to demand a ransom payment to protect their privacy.
The new technique aims at making the double-extortion tactic more efficient, crooks sent emails directly to victims’ customers found in documents stolen during the ransomware attack.
According to BleepingComputer, the first victim threatened with this new tactic was Flagstar Bank followed by the University of Colorado.
“In an email seen by BleepignComputer, Clop is now using the same tactic to the customers of an online maternity clothing store, which will not be naming.” reported BleepingComputer. “In these emails, Clop is sending customers threatening emails with the subject “Your personal data has been stolen and will be published.”
Clop ransomware operators invited the victim’s customer to contact the victim and ask it protect their privacy by paying the ransomware.
Ransomware operators continue to evolve their tactics, recently the REvil ransomware gang announced that they are using DDoS attacks and voice calls to the victim’s business partners and journalists to force the victims into pay the ransom.
If you want to receive the weekly Security Affairs Newsletter for free subscribe here.
Follow me on Twitter: @securityaffairs and Facebook
[adrotate banner=”9″] | [adrotate banner=”12″] |
(SecurityAffairs – hacking, Clop Ransomware)
[adrotate banner=”5″]
[adrotate banner=”13″]
China-linked threat actors are preparing cyber attacks against U.S. critical infrastructure warned FBI Director Christopher…
The United Nations Development Programme (UNDP) has initiated an investigation into an alleged ransomware attack…
BlackBerry reported that the financially motivated group FIN7 targeted the IT department of a large…
An international law enforcement operation led to the disruption of the prominent phishing-as-a-service platform LabHost.…
Russia-linked APT Sandworm employed a previously undocumented backdoor called Kapeka in attacks against Eastern Europe since…
Cisco has addressed a high-severity vulnerability in its Integrated Management Controller (IMC) for which publicly…
This website uses cookies.