A Version of the Clop Ransomware Found on Linux Systems Has a Defective Encryption Process

A new version of the Clop ransomware, designed for Linux, has been discovered in the wild. However, the encryption algorithm used is flawed, meaning that it is possible to decrypt files without paying the ransom. The ELF executable was first seen on December 26, 2022, and is believed to be part of an attack on educational institutions in Colombia. The Clop ransomware has been active since 2019, but six people associated with the group were arrested in June 2021. The ransomware made a surprise return in early 2022, targeting industrial and tech companies. The Linux version is not as advanced as the Windows version, and is currently undetected by all 64 security engines on VirusTotal. It is possible to decrypt files using a hard-coded master key, without paying the ransom. This development shows that threat actors are increasingly targeting other platforms, and that Linux-targeted ransomware campaigns are likely to become more common in the future.

This Cyber News was published on thehackernews.com. Publication date: Tue, 07 Feb 2023 13:22:03 +0000


Cyber News related to A Version of the Clop Ransomware Found on Linux Systems Has a Defective Encryption Process

Strong Encryption Explained: 6 Encryption Best Practices - Strong encryption protects data securely from unauthorized access, but the specific algorithms that qualify as strong encryption change over time as computing power increases and researchers develop new ways to break encryption. Even the strongest ...
9 months ago Esecurityplanet.com
What Is Encryption? Definition, How it Works, & Examples - To understand how encryption works, we need to understand how it fits into the broader realm of cryptology, how it processes data, common categories, top algorithms, and how encryption fits into IT security. Symmetric encryption will typically be ...
10 months ago Esecurityplanet.com
Types of Encryption, Methods & Use Cases - Encryption category types will explain the overarching and basic categories of classification for encryption, including the two most important: symmetric and asymmetric encryption. Encryption tool types will discuss the major classifications of ...
10 months ago Esecurityplanet.com
Business Data Encryption: Protecting Sensitive Information - In addition to implementing encryption technologies and policies, organizations should prioritize employee training on data encryption. By selecting the appropriate encryption technologies, implementing strong encryption policies, and training ...
7 months ago Securityzap.com
Symmetric vs. Asymmetric Encryption in the Cloud: Choosing the Right Approach - Asymmetric and symmetric encryptions are the modes of encryption typically used in cryptography. There is a single key involved with symmetric encryption used both for encryption and decryption. Symmetric and asymmetric encryption as ways of ...
3 months ago Cybersecurity-insiders.com
A version of the Clop ransomware designed for Linux systems was aimed at universities and colleges but had flaws - On December 26, researchers observed the first Clop ransomware variant targeting Linux systems. Clop has been around since 2019, attacking large companies, financial institutions, primary schools, and critical infrastructure around the world. After ...
1 year ago Therecord.media
Encrypting Data Using Asymmetric Encryption - Asymmetric encryption, commonly known as public-key encryption, is an important technique for safeguarding data transport and storage. Asymmetric encryption's multi-step process involving key generation, encryption, transmission, decryption, and key ...
9 months ago Feeds.dzone.com
CVE-2024-36886 - In the Linux kernel, the following vulnerability has been resolved: ...
3 months ago
The Clop Ransomware Vulnerability Enabled Linux Users to Retrieve Their Files for an Extended Period of Time - The Clop ransomware gang has recently been spotted using a malware variant that is specifically designed to target Linux servers. However, a flaw in the encryption scheme has allowed victims to recover their files without paying the criminals any ...
1 year ago Bleepingcomputer.com
The 6 Best Encryption Software - Though encryption could still be broken or cracked, strong encryption is nearly impenetrable. Top encryption software: Comparison table Top encryption software BitLocker: Best for Windows environments. It's an excellent choice for encryption software ...
5 months ago Techrepublic.com
Vulnerability Summary for the Week of March 11, 2024 - Published 2024-03-15 CVSS Score not yet calculated Source & Patch Info CVE-2021-47111416baaa9-dc9f-4396-8d5f-8c081fb06d67416baaa9-dc9f-4396-8d5f-8c081fb06d67416baaa9-dc9f-4396-8d5f-8c081fb06d67 PrimaryVendor - Product linux - linux Description In the ...
6 months ago Cisa.gov
Vulnerability Summary for the Week of March 4, 2024 - Published 2024-03-06 CVSS Score not yet calculated Source & Patch Info CVE-2023-52584416baaa9-dc9f-4396-8d5f-8c081fb06d67416baaa9-dc9f-4396-8d5f-8c081fb06d67416baaa9-dc9f-4396-8d5f-8c081fb06d67416baaa9-dc9f-4396-8d5f-8c081fb06d67 PrimaryVendor - ...
7 months ago Cisa.gov
The Top 10 Ransomware Groups of 2023 - This article takes an in-depth look at the rise in ransomware attacks over the past year and the criminal groups driving the surge in cyber extortion. LockBit has established itself as one of the most notorious ransomware operations since emerging on ...
8 months ago Securityboulevard.com
An overview of storage encryption for enterprises - Storage encryption is a key element in keeping enterprise data safe. Most enterprises use a combination of encryption methods to protect their data on premises, in motion and in the cloud, so it's important to understand the different types and best ...
4 months ago Techtarget.com
Hive Ransomware: A Detailed Analysis - This past week, on January 26th, to be exact, the FBI successfully shut down the Hive ransomware group and saved victims over a hundred million dollars in ransom payments and remediation costs. As ransomware continues to be a national security threat ...
1 year ago Heimdalsecurity.com
Cisco Talos Report: New Trends in Ransomware, Network Infrastructure Attacks, Commodity Loader Malware - The Cisco Talos Year in Review report released Tuesday highlights new trends in the cybersecurity threat landscape. We'll focus on three topics covered: the ransomware cybercriminal ecosystem, network infrastructure attacks and commodity loader ...
10 months ago Techrepublic.com
Ransomware Roundup - The Ransomware Roundup report aims to provide readers with brief insights into the evolving ransomware landscape and the Fortinet solutions that protect against those variants. This edition of the Ransomware Roundup covers the 8base ransomware. 8base ...
9 months ago Feeds.fortinet.com
A Version of the Clop Ransomware Found on Linux Systems Has a Defective Encryption Process - A new version of the Clop ransomware, designed for Linux, has been discovered in the wild. However, the encryption algorithm used is flawed, meaning that it is possible to decrypt files without paying the ransom. The ELF executable was first seen on ...
1 year ago Thehackernews.com
Medusa Ransomware Turning Your Files into Stone - Unit 42 Threat Intelligence analysts have noticed an escalation in Medusa ransomware activities and a shift in tactics toward extortion, characterized by the introduction in early 2023 of their dedicated leak site called the Medusa Blog. The Unit 42 ...
9 months ago Unit42.paloaltonetworks.com
Top 10 Notorious Ransomware Gangs of 2023 - By employing a multitude of advanced techniques like double extortion along with other illicit tactics, ransomware groups are continually evolving at a rapid pace. Here below, we have mentioned all the types of ransomware used by the threat actors ...
9 months ago Cybersecuritynews.com
How secure is the "Password Protection" on your files and drives? - People in certain professions, such as healthcare, law, and corporations, often rely on password protection when sending files via email, believing it provides adequate security against prying eyes. Protecting files with passwords without encrypting ...
5 months ago Helpnetsecurity.com
New Nevada Ransomware Targets Windows and VMware ESXi Systems - A relatively new ransomware operation known as Nevada is quickly growing in capabilities, targeting Windows and VMware ESXi systems. On December 10, 2022, Nevada ransomware was promoted on the RAMP darknet forums, inviting Russian and ...
1 year ago Bleepingcomputer.com
The Week in Ransomware - Earlier this month, the BlackCat/ALPHV ransomware operation suffered a five-day disruption to their Tor data leak and negotiation sites, rumored to be caused by a law enforcement action. The FBI revealed this week that they hacked the BlackCat/ALPHV ...
9 months ago Bleepingcomputer.com
The Week in Ransomware - Today's column brings you two weeks of information on the latest ransomware attacks and research after we skipped last week's article. BleepingComputer has learned that some of the BlackCat/ALPHV affiliates are not buying the explanation and have ...
9 months ago Bleepingcomputer.com
Ransomware trends and recovery strategies companies should know - Ransomware attacks can have severe consequences, causing financial losses, reputational damage, and operational disruptions. The methods used to deliver ransomware vary, including phishing emails, malicious websites, and exploiting vulnerabilities in ...
9 months ago Helpnetsecurity.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)