1. Forum
  2. FidoNet
  3. CONSPRCY

  • New Highs for Ransomware

    From Mike Powell@1:2320/105 to All on Wednesday, March 26, 2025 09:14:00
    Cl0p resurgence drives ransomware attacks to new highs in 2025

    Date:
    Wed, 26 Mar 2025 10:55:56 +0000

    Description:
    Ransomware attacks have reached a new historic high, and the Cl0p ransomware group is to blame.

    FULL STORY

    Ransomware attacks have had an 81% increase year on year, new research from NordStellar has claimed.

    This increase can be largely attributed to the Cl0p ransomware group, which
    has seen something of a resurgence as the group claims responsibility for 385 attacks in the first few weeks of 2025 alone.

    As a result, February 2025 saw the most ransomware attacks in history, with
    980 known attacks occurring in just 28 days - an average of 35 attacks per
    day.

    A Cl0p in the ocean

    The Cl0p group broke into the ransomware scene in around 2019, offering ransomware-as-a-service (RaaS), where a cybercriminal group will rent out
    their ransomware to others to commit their own attacks, or sell access to an organization's network and systems for others to encrypt and extort.

    The groups notoriety saw its peak after successfully breaching MOVEit Managed File Transfer , which saw over 600 organizations have their sensitive data stolen, affecting over 40 million people.

    So far in 2025, US organizations have made up 844 of the 2,040 victims, which Vakaris Noreika, a cybersecurity expert at NordStellar, attributes to the
    fact that American companies are often lucrative targets for ransomware
    groups thanks to their wealth and cyber insurance, as well as their highly interconnected networks - with each user, device, and connection acting as a potential point of entry for an attacker.

    The surge in ransomware attacks is unprecedented, proving the threat is more relentless than ever, Noreika says.

    The spike is driven by a combination of factors hackers exploiting zero-day vulnerabilities faster than ever, the rise of ransomware as a service (RaaS) lowering the barrier to entry, and organizations still struggling with unpatched systems and poor credential security."

    Cl0ps reemergence might be closely connected to the groups past activities, such as exploitation of zero-day vulnerabilities in Cleo file transfer software, compromising hundreds of organizations worldwide, says Noreika.

    This incident, like a similar MOVEit Transfer one in 2023, highlights the critical importance of promptly addressing vulnerabilities in managed file transfer solutions to protect against sophisticated cyber threats.

    In order to mitigate the potential threat of a ransomware attack, NordStellar recommends that organizations deploy multi-layered cybersecurity strategies,
    as well as using regular data backups that can be recovered in the event of
    an attack.

    Multi-factor authentication can also help protect against unauthorized
    access and lateral movement, with dark web monitoring tools providing an
    early sign of compromise for user credentials or stolen data.

    Organizations can also provide cybersecurity training to employees and deploy endpoint protection systems as a way to detect potential network intrusions.

    ======================================================================
    Link to news story: https://www.techradar.com/pro/security/cl0p-resurgence-drives-ransomware-attac ks-to-new-highs-in-2025

    $$
    --- SBBSecho 3.20-Linux
    * Origin: capitolcityonline.net * Telnet/SSH:2022/HTTP (1:2320/105)