Cyber gang Cl0p: Data allegedly stolen from HP and HPE
The criminal group Cl0p lists a total of 230 new victims on its darknet website. These include well-known companies such as HP and HPE.
(Image: Photon photo/Shutterstock.com)
The criminal online gang Cl0p is known for copying data from companies and then blackmailing them by releasing the data. They steal data from victims on a grand scale, for example through security loopholes in data transfer software such as MOVEit Transfer or Cleo. The perpetrators have now listed 230 new companies as victims on their Darknet website.
(Image:Â Screenshot / dmk)
Once again, only a few well-known companies are included in the extensive list of newly stolen companies. The best-known alleged victims are HP and Hewlett Packard Enterprise (HPE). After that, the level of awareness drops significantly, but the list also includes Homedepot Mexico.
Weak point for break-ins unclear
Previously, the gang members had usually named the security vulnerability used for the break-in, such as the one in Cleo. However, the companies now listed lack such a reference. The cybergang describes the lists as follows: "Below you will find a list of companies that were notified but ignored this and did not contact us." This is how the lists from which Cl0p then published the captured data were previously headed. In the screenshot above, you can also see the red color of the entries and the note that the data has been published. This is not yet the case in the new lists.
Videos by heise
The criminals also do not specify an ultimatum date by which the alleged victims must report. Cl0p also does not provide any evidence for the data withdrawal. In the past, however, the alleged attacks turned out to be true.
HPE had already investigated an alleged cyberattack around a month ago. A well-known leaker claimed to be in possession of sensitive data from Hewlett Packard Enterprise. However, the perpetrator, nicknamed "IntelBroker", had uploaded sample data there to prove the authenticity of the data.
In mid-January, the criminal group had already struck and abused data through a vulnerability in the Cleo data transfer software in order to copy masses of – partly sensitive – data from numerous companies. Among the almost 60 victims listed there, the best-known company was the car rental company Hertz.
Cl0p has since published the data from the extortion attacks in January, as Hertz did not contact the criminal organization. More than 200 files from the car rental company have ended up on the leak site in the Tor network.
(dmk)
