CL0P ransomware group

GPTKB entity

Statements (87)
Predicate Object
gptkbp:instanceOf gptkb:cybercrime
gptkbp:alsoKnownAs gptkb:Clop
gptkbp:connectsTo gptkb:FIN11
gptkbp:exploits phishing emails
    malicious attachments
    zero-day vulnerabilities
gptkbp:firstAppearance 2019
gptkbp:language gptkb:Russian
gptkbp:mainActivity ransomware attacks
gptkbp:monitors gptkb:CISA
    gptkb:Europol
    gptkb:FBI
    Cybersecurity researchers
gptkbp:notableBattle Shell attack
    Accellion FTA breach
    MOVEit Transfer breach
gptkbp:notableFor 2020
    2021
    2023
gptkbp:operates ransomware-as-a-service
gptkbp:publiclyNamedBy gptkb:Kaspersky
    gptkb:Microsoft
    gptkb:Group-IB
    gptkb:CrowdStrike
    gptkb:ESET
    gptkb:FireEye
    gptkb:Mandiant
    gptkb:BleepingComputer
    gptkb:Symantec
    gptkb:Check_Point
    gptkb:Trend_Micro
    gptkb:Recorded_Future
    gptkb:Sophos
    Unit 42
    Coveware
    The Hacker News
gptkbp:publishesDataOn dark web leak sites
gptkbp:ransomwareFamily gptkb:Clop
    CryptoMix
    CryptoWall
gptkbp:requires cryptocurrency ransom payments
gptkbp:suspectedOrigin gptkb:Eastern_Europe
gptkbp:tactics data exfiltration
    double extortion
gptkbp:target gptkb:Kroger
    gptkb:Stanford_University
    gptkb:University_of_California
    gptkb:government
    gptkb:Morgan_Stanley
    gptkb:Shell
    gptkb:Flagstar_Bank
    gptkb:Jones_Day
    gptkb:Qualys
    Government agencies
    Retailers
    Universities
    Bombardier
    education sector
    healthcare sector
    organizations worldwide
    Hospitals
    government entities
    Law firms
    Energy companies
gptkbp:threats high
gptkbp:uses gptkb:Linux_systems
    gptkb:remote_desktop_software
    gptkb:Bitcoin
    gptkb:Tor_network
    gptkb:Cobalt_Strike
    gptkb:Mimikatz
    gptkb:Monero
    gptkb:web_shell
    PowerShell scripts
    cryptocurrency wallets
    RDP brute force
    Windows systems
    Active Directory exploitation
    SDBot
    anonymous email services
    data compression tools
    file transfer tools
    network reconnaissance tools
gptkbp:usesMalware Clop ransomware
gptkbp:bfsParent gptkb:2023_US_government_agencies_hack
gptkbp:bfsLayer 7
https://www.w3.org/2000/01/rdf-schema#label CL0P ransomware group