|
gptkbp:instanceOf
|
cybercrime
|
|
gptkbp:alsoKnownAs
|
gptkb:Clop
|
|
gptkbp:connectsTo
|
gptkb:FIN11
|
|
gptkbp:exploits
|
phishing emails
malicious attachments
zero-day vulnerabilities
|
|
gptkbp:firstAppearance
|
2019
|
|
https://www.w3.org/2000/01/rdf-schema#label
|
CL0P ransomware group
|
|
gptkbp:language
|
gptkb:Russian
|
|
gptkbp:mainActivity
|
ransomware attacks
|
|
gptkbp:monitors
|
gptkb:CISA
gptkb:Europol
gptkb:FBI
Cybersecurity researchers
|
|
gptkbp:notableBattle
|
Shell attack
Accellion FTA breach
MOVEit Transfer breach
|
|
gptkbp:notableFor
|
2020
2021
2023
|
|
gptkbp:operates
|
ransomware-as-a-service
|
|
gptkbp:publiclyNamedBy
|
gptkb:Kaspersky
gptkb:Microsoft
gptkb:Group-IB
gptkb:CrowdStrike
gptkb:ESET
gptkb:FireEye
gptkb:Mandiant
gptkb:BleepingComputer
gptkb:Symantec
gptkb:Check_Point
gptkb:Trend_Micro
gptkb:Recorded_Future
gptkb:Sophos
Unit 42
Coveware
The Hacker News
|
|
gptkbp:publishesDataOn
|
dark web leak sites
|
|
gptkbp:ransomwareFamily
|
gptkb:Clop
CryptoMix
CryptoWall
|
|
gptkbp:requires
|
cryptocurrency ransom payments
|
|
gptkbp:suspectedOrigin
|
gptkb:Eastern_Europe
|
|
gptkbp:tactics
|
data exfiltration
double extortion
|
|
gptkbp:target
|
gptkb:Kroger
gptkb:Stanford_University
gptkb:University_of_California
gptkb:government
gptkb:Morgan_Stanley
gptkb:Shell
gptkb:Flagstar_Bank
gptkb:Jones_Day
gptkb:Qualys
Government agencies
Retailers
Universities
Bombardier
education sector
healthcare sector
organizations worldwide
Hospitals
government entities
Law firms
Energy companies
|
|
gptkbp:threats
|
high
|
|
gptkbp:uses
|
gptkb:Linux_systems
gptkb:Bitcoin
gptkb:Tor_network
gptkb:Cobalt_Strike
gptkb:Mimikatz
gptkb:Monero
PowerShell scripts
cryptocurrency wallets
remote desktop software
RDP brute force
Windows systems
web shell
Active Directory exploitation
SDBot
anonymous email services
data compression tools
file transfer tools
network reconnaissance tools
|
|
gptkbp:usesMalware
|
Clop ransomware
|
|
gptkbp:bfsParent
|
gptkb:2023_US_government_agencies_hack
|
|
gptkbp:bfsLayer
|
7
|