A joint cybersecurity advisory from the Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) has released a series of protections to help reduce the impact of attacks by the CL0P ransomware gang.
long-standing ransomware The group, also known as TA505, is currently targeting a vulnerability in the MOVEit file transfer software (CVE-2023-3436), which has reportedly stolen data from the underlying MOVEit Transfer database.
Now, though, anyone who can establish a link between the gang and a foreign government can be rewarded.
Announcing CL0P bounty
The U.S. Department of State Judicial Rewards Program announced in a statement tweet:
“Do you have information linking the CL0P ransomware gang, or any other malicious cyber actor targeting US critical infrastructure, to a foreign government? Give us a tip. You may be eligible for a bounty.”
The United States is most concerned about threats of extortion, unauthorized access, and sabotage related to critical and protected infrastructure, including those used for or affecting interstate or foreign commerce or communications.
Rewards for Justice welcomes any information via Signal, Telegram, WhatsApp and its Tor-based tip line.
supplementary postal The detailed plan offers rewards of up to $10 million to those who can provide information that “leads to the identification or location of any person who, at the direction or control of a foreign government, engages in malicious cyber activity against the United States in violation of the Computer Fraud and Abuse Act ( CFAA) critical infrastructure.”
It also reported that “possible relocation and incentive payments in cryptocurrency may be available to eligible sources.”
While it is not known who is behind the group, its name is believed to be derived from the Russian word “klop”, which means bedbug (via Convinced). CL0P is also believed to be behind an attack by the Tasmanian government earlier this year.