The US State Department’s “Rewards for Justice” program announced a 10 million dollar bounty for any information leading to clues on how the Clop ransomware attacks are linked to attacks on foreign governments.
Announced via Twitter, the Rewards for Justice account tweeted "Do you have info linking CL0P Ransomware Gang or any other malicious cyber actors targeting U.S. critical infrastructure to a foreign government? Send us a tip. You could be eligible for a reward.” This program was initially launched to gather information on terrorist groups targeting US interests.
The program has now grown to include attacks perpetrated by cyber criminals (even outside the US). It has collected information on the REvil ransomware, Russian Sandworm hackers, Evil Corp hacking group and more.
This Isn’t the first time the US has announced a substantial bounty for information on cyber crime, in May of this year the Department of Justice also announced a $10 million dollar bounty for information leading to the arrest of the alleged Russian ransomware mastermind Mikhail Pavlovich Matveev, also known online as “Wazawaka”.
Mikhail Pavlovich Matveev or “Wazawaka” was accused of demanding $400 million from his victims (most of which purportedly paid). His exploits make him one of the most prolific single cyber criminals in history, but due to his illusive nature he still remains uncaught despite the substantial bounty on his head.
Switching back to our story on the “Clop” ransomware, we covered one of the victims of this ransomware just last week in our article on the CalPers/CalSTRs data breach. Clop was used in the zero-day vulnerability found in the MOVEit file transfer software.
Now, the group behind the Cl0p ransomware is extorting companies whose data was stolen during the attack and threatening to leak it online if the ransom is not paid.
Victims of the Cl0p ransomware attack received this message June 17th, outlining the demands the group has for them and even offering an online chat to discuss the terms of payment. Victims are being given just 3 days to come to an agreement or an online page will be created by the group and their information will be leaked online.
Outside of paying the ransom or dealing with the fallout of their data being leaked, there is little recourse for victims of this type of crime. The bounty is not due to the businesses and individuals whose data has been stolen in this attack, but the fear that the Cl0p ransomware group also received information on data sensitive to US security during their attack.
The Cl0p ransomware group has said they will be deleting any data that pertains to the US or foreign governments, but of course there is no way to confirm this is true. All in all it will be interesting to see how the effects of offering a bounty for information leading to the arrest of individuals involved in these attacks acts as a deterrent for future attacks.
If your data was leaked in this recent breach or you’re worried about identity theft, we do have some tips on what to do if your information has been leaked online or or to lower your risk factors below:
Of course, the best method of keeping your data safe is to prevent it from being leaked in the first place, and Valley Techlogic can help. Cyber security is our main focus, and we know the cost of prevention can often dwarf the cost of remediation when it comes to cybercrime many times over. Learn more about how we can improve the security in your business today.
Looking for more to read? We suggest these other articles from our site.
This article was powered by Valley Techlogic, an IT service provider in Atwater, CA. You can find more information at https://www.valleytechlogic.com/ or on Facebook at https://www.facebook.com/valleytechlogic/ . Follow us on Twitter at https://twitter.com/valleytechlogic.
You must be logged in to post a comment.