Cl0p cybercrime gang's data exfiltration tool found vulnerable to RCE attacks

Security experts have uncovered a hole in Cl0p's data exfiltration tool that could potentially leave the cybercrime group vulnerable to attack. The vulnerability in the Python-based software, which was used in the 2023-2024 MOVEit mass data raids, was discovered by Italian researcher Lorenzo N and published by the Computer …

  1. Doctor Syntax Silver badge

    "It added that 44 percent of the 682 unique IPs executing scans within the past 90 days (as of June 25) came from Tencent Cloud, with the others coming from Amazon, Cloudflare, and Google."

    I suppose the sort of people we're dealing with here will pay with cryptocurrency assuming the cloud providers will accept it. It might be a smart regulatory move to make the providers require verified banking details which would enable seizure of at least some assets and a starting point for attempts to trace the perpetrators.

  2. BartyFartsLast Silver badge

    Amusing

    They would have to be bloody stupid to report it but surely exploiting the RCE vuln would be illegal?

    Though there are plenty of cases where people have reported their drug dealer to the police for ripping them off and a few where dealers have reported being robbed.

  3. Paul Hovnanian Silver badge

    Can we ...

    ... poison Cl0p's potential booty by installing appropriately named files/folders in various places around our systems?

    Yeah, I know. There is a non-zero probability that law enforcement will come after people who booby trap their own data. Won't somebody please think of the cyber criminals?
