Clop ransomware first appeared in 2019, which employs the .clop extension after encrypting the victim’s data. It has become a common threat to organizations and corporations. Additionally, it is found that Clop attacks a victim’s whole network as instead of just certain PCs.
To obtain initial access, the threat actors use a well-established network of affiliates. They then send a large number of spear-phishing emails to workers of an organization to induce infection.
Industrial enterprises were the target of 45% of Clop ransomware attacks, while IT companies were the target of 27% of these attacks.
The lull in the Clop ransomware gang’s activities may be easily explained by the fact that some of its infrastructures were shut down in June 2021 as a result of a global law enforcement operation known as Operation Cyclone, which was coordinated by INTERPOL.