臭名昭著的暗网勒索软件团伙Cl0p发布了一份因Cleo的托管文件传输(MFT)软件漏洞而受到攻击的公司名单。
Cl0p团伙在其暗网泄密网站上发布公告,重点指出了对严重漏洞CVE-2024-50623的利用。该漏洞允许未经身份验证的远程代码执行,并被Cl0p团伙积极用于渗透全球企业的网络。
该漏洞影响Cleo Harmony、VLTrader和LexiCom产品。尽管2024年10月发布了补丁,但网络安全研究人员发现该补丁不够完善,系统容易受到攻击。
该漏洞使攻击者能够上传恶意文件,这些文件会被软件自动执行,从而允许他们未经授权访问敏感数据。此后已发布了较新的补丁(版本5.8.0.24),但由于更新延迟或缓解措施不足,许多团伙仍然容易受到攻击。
Cl0p勒索软件团伙已宣布通过这一漏洞对全球许多目标发起攻击,目前至少有66家企业遭到攻击,受害者涉及物流、消费品和食品供应链等行业。
虽然仅披露了部分受影响企业的名称,但该团伙威胁说,如果赎金要求在1月21日之前得不到满足,他们将公布全部详细信息。
Cl0p勒索软件团伙的勒索策略
Cl0p以其复杂的勒索手段而闻名,它使用多层次的压力来强迫受害者支付赎金。在本案中,该团伙提供了安全的谈判沟通渠道,并警告称不遵守规定将导致被盗数据被公开。这种方法与Cl0p以前的活动如出一辙,例如2023年的MOVEit漏洞,当时数百家公司面临类似的威胁。
该团伙的暗网帖子还宣布计划分阶段发布更多受害者名单。第一批数据预计将于1月18日发布,随后将陆续发布后续数据。
Cleo已意识到问题的严重性,并发布了最新公告,敦促客户立即应用最新补丁。该公司还延长了24/7支持服务,以帮助受影响的客户保护其系统。
然而,网络安全专家警告说,使用Cleo产品的企业必须保持警惕,因为攻击者可能会继续瞄准未修补的系统。
此次事件凸显了勒索软件团伙利用广泛使用的文件传输平台漏洞的广泛趋势。Cl0p的历史包括对Accellion、GoAnywhere MFT和MOVEit软件的类似攻击,展示了利用零日漏洞进行大规模数据泄露的模式。
此次最新攻击凸显了及时补丁管理和强大的网络安全措施的重要性。依赖第三方软件的企业必须主动监控漏洞并及时实施缓解措施以减少风险。
随着Cl0p继续针对Cleo用户发起攻击,受影响的公司面临着越来越大的压力,需要迅速做出反应,否则将面临严重的声誉和财务损失。网络安全社区敦促所有企业优先更新系统并与执法机构合作,以减轻此类攻击的影响。
不断发展的形势清楚地提醒我们,像Cl0p这样的勒索软件团伙所构成的威胁以及他们利用关键基础设施漏洞的不断演变的策略。
Cl0p勒索软件团伙的暗网V3域名以及发布的公告
http://santat7kpllt6iyvqbr7q4amdv6dzrh6paatvyrzl7ry3zm72zigf4ad.onion/
Dear companies
A new part of the companies list will be partially opened and presented on 21.01. Hurry up to contact us so that your name is not on this list!!!Cl0p announcement.
We have data of many companies who use cleo. Our teams are reaching and calling your company and provide your special secret chat.
If you are not sure if we have your data.
emails us here:unlock@he1p-me.com
unlock@cl-leaks.com
support@he1p-center.comYOU HAVE UNTIL FRIDAY IF ALL THE DATA IS PUBLISHED AFTER THAT
Below you can find a list of companies that were notified but ignored and did not contact us:BLUEYONDER.COM – WILL BE PUBLISHED 18.01 SATURDAY
PISPL.IN – WILL BE PUBLISHED 18.01 SATURDAY
LINFOX.COM – WILL BE PUBLISHED 18.01 SATURDAY
ESPRIGAS.COM – WILL BE PUBLISHED 18.01 SATURDAY
DATATRAC.COM – WILL BE PUBLISHED 18.01 SATURDAY
WESTERNALLIANCEBANK.COM – WILL BE PUBLISHED 18.01 SATURDAY
CLEO.COM – WILL BE PUBLISHED 18.01 SATURDAY
CENTRIC.EU – WILL BE PUBLISHED 18.01 SATURDAY
CLAWLOGISTICS.COM – WILL BE PUBLISHED 18.01 SATURDAY
CPS.EDU – WILL BE PUBLISHED 18.01 SATURDAY
TERRA.COM – WILL BE PUBLISHED 18.01 SATURDAY
SDITECHNOLOGIES.COM – WILL BE PUBLISHED 18.01 SATURDAY
HEARSTPOWER.COM – WILL BE PUBLISHED 18.01 SATURDAY
STEELBLUE.COM.AU – WILL BE PUBLISHED 18.01 SATURDAY
COVESTRO.COM – WILL BE PUBLISHED 18.01 SATURDAY
NISSINFOODS.COM – WILL BE PUBLISHED 18.01 SATURDAY
ENCOMPASSTECH.COM – WILL BE PUBLISHED 18.01 SATURDAY
ICERIVERGREENBOTTLECO.COM – WILL BE PUBLISHED 18.01 SATURDAY
BREAKTHROUGHFUEL.COM – WILL BE PUBLISHED 18.01 SATURDAY
PREMIERSUPPLIES.COM – WILL BE PUBLISHED 18.01 SATURDAY
NOWINC.CA – WILL BE PUBLISHED 18.01 SATURDAY
CONSULTANTS.COM – WILL BE PUBLISHED 18.01 SATURDAY
SWEETSTREET.COM – WILL BE PUBLISHED 18.01 SATURDAY
OFSPORTAL.COM – WILL BE PUBLISHED 18.01 SATURDAY
SHEERLOGISTICS.COM – WILL BE PUBLISHED 18.01 SATURDAY
INNOTEKEP.COM – WILL BE PUBLISHED 18.01 SATURDAY
KEEACTIONSPORTS.COM – WILL BE PUBLISHED 18.01 SATURDAY
CHAMPIONHOMES.COM – WILL BE PUBLISHED 18.01 SATURDAY
ALPINEFOODS.COM – WILL BE PUBLISHED 18.01 SATURDAY
C3GROUP.NL – WILL BE PUBLISHED 18.01 SATURDAY
JAKKS.COM – WILL BE PUBLISHED 18.01 SATURDAY
CREELED.COM – WILL BE PUBLISHED 18.01 SATURDAY
HERTZ.COM – WILL BE PUBLISHED 18.01 SATURDAY
HILLBROS.COM – WILL BE PUBLISHED 18.01 SATURDAY
COYOTE.COM – WILL BE PUBLISHED 18.01 SATURDAY
NORTHERNONTARIOWIRES.COM – WILL BE PUBLISHED 18.01 SATURDAY
BMIUSA.COM – WILL BE PUBLISHED 18.01 SATURDAY
BUSINESSSYSINTEG.COM – WILL BE PUBLISHED 18.01 SATURDAY
RUIA.COM – WILL BE PUBLISHED 18.01 SATURDAY
DATACONSULTANTS.COM – WILL BE PUBLISHED 18.01 SATURDAY
EMKAY.COM – WILL BE PUBLISHED 18.01 SATURDAY
ARROW.COM – WILL BE PUBLISHED 18.01 SATURDAY
SPGUSA.COM – WILL BE PUBLISHED 18.01 SATURDAY
MADENGINE.COM – WILL BE PUBLISHED 18.01 SATURDAY
BRADLEYCALDWELL.COM – WILL BE PUBLISHED 18.01 SATURDAY
SULLYTRANSPORT.COM – WILL BE PUBLISHED 18.01 SATURDAY
SPADERFREIGHT.COM – WILL BE PUBLISHED 18.01 SATURDAY
SMC3.COM – WILL BE PUBLISHED 18.01 SATURDAY
ARTIKA.COM – WILL BE PUBLISHED 18.01 SATURDAY
BURRISLOGISTICS.COM – WILL BE PUBLISHED 18.01 SATURDAY
WHITMOR.COM – WILL BE PUBLISHED 18.01 SATURDAY
SEATTLECHOCOLATES.COM – WILL BE PUBLISHED 18.01 SATURDAY
UTILISMARTCORP.COM – WILL BE PUBLISHED 18.01 SATURDAY
CDRSOFTWARE.COM – WILL BE PUBLISHED 18.01 SATURDAY
CALEXISCS.COM – WILL BE PUBLISHED 18.01 SATURDAY
POLARISTRANSPORT.COM – WILL BE PUBLISHED 18.01 SATURDAY
AMPOL.COM.AU – WILL BE PUBLISHED 18.01 SATURDAY
USLUGGAGE.COM – WILL BE PUBLISHED 18.01 SATURDAY
OLAMETER.COM – WILL BE PUBLISHED 18.01 SATURDAYUPDATES
EKOMERCIO.COM FULL FILES PUBLISHED VIA TORUPDATES
VELSOL.COM FULL FILES PUBLISHED VIA TORUPDATES
WSINC.COM FULL FILES PUBLISHED VIA TORDear companies
Due to recent events (attack of CLEO)
all links to data of all companies will be disabled and data will be permanently deleted from servers.
We will work only with new companies
Happy New Year © CL0P^_