Cl0p Targets Oracle's E-Business Suite in Major Ransomware Attack
A notorious ransomware group, Cl0p, is at it again. This time, they've targeted large organizations using a vulnerability in Oracle Corp.'s E-Business Suite applications. The group is extorting executives, with demands sent from compromised third-party accounts on or before Sept. 29, 2023.
Cl0p has exploited weaknesses in Oracle's E-Business Suite, which runs core business operations like financial, supply chain, and customer relationship management. Among the affected businesses are British Airways, BBC, Boots, Aer Lingus, Transport for London, Ofcom, U.S. government agencies, and the UK energy provider Zellis. The group claims to have stolen data via this method since June 2023.
The extortion emails, characteristic of Cl0p, are written in sloppy English with poor grammar. At least one email address used in the notes was previously linked to a Cl0p affiliate. Google cybersecurity experts and other parties have confirmed these attacks. Cl0p is known for its sophisticated malware that locks files and demands ransom. The U.S. Cybersecurity and Infrastructure Security Agency estimates Cl0p has compromised more than 3,000 businesses in the U.S. and 8,000 globally.
Cl0p's latest campaign, targeting Oracle's E-Business Suite, has affected numerous large businesses. While Google is still verifying the claims, the group's characteristic extortion emails and previous history of attacks are cause for concern. Businesses are urged to strengthen their cybersecurity measures to protect against such threats.
Read also:
- Web3 gaming platform, Pixelverse, debuts on Base and Farcaster networks
- Goodyear in 2025: Advancement in Total Mobility through the Launch of Kmax Gen-3 by Goodyear
- Boston Metal pioneers route to commercial production for eco-friendly steel method
- Electric SUV Showdown: Vinfast VF6 or MG Windsor EV - Your Choice Revealed
