Protecting assets, driving growth

Cl0p: The New Cybercriminal Group

Cl0p is a cybercriminal group that gained notoriety after targeting large enterprises and government agencies with ransomware attacks. The group is believed to have started its operations in 2019 and has since been involved in multiple high-profile attacks. In this article, we will explore the rise of Cl0p and their modus operandi.

Modus operandi

Cl0p’s modus operandi involves using sophisticated ransomware to encrypt the victim’s data and demanding a ransom to decrypt it. The group typically targets organizations with sensitive data, including financial institutions, healthcare providers, and government agencies. In some cases, Cl0p has also stolen the victim’s data and threatened to publish it unless the ransom is paid.

Cl0p’s tactics involve exploiting vulnerabilities in software and networks to gain access to the victim’s systems. Once they have access, they use custom-built ransomware to encrypt the data, making it unusable until the ransom is paid. The group often demands significant sums of money, sometimes in excess of millions of dollars.

Notable attacks

Cl0p’s most notable attacks include the one on the University of California, which was hit with a ransomware attack that resulted in the theft of personal data of students and staff. The group also attacked the software company Accellion, resulting in the theft of confidential data belonging to multiple organizations. More recently, Cl0p targeted the Irish Health Service Executive, forcing the shutdown of their IT systems.

Response from law enforcement

Law enforcement agencies worldwide have been cracking down on Cl0p and other cybercriminal groups. In June 2021, the group’s infrastructure was dismantled, and multiple arrests were made in connection with the attacks. The authorities were able to seize significant amounts of cryptocurrency, which is often used to pay the ransoms.


Cl0p is a cybercriminal group that has made headlines for its high-profile attacks on organizations worldwide. Their modus operandi involves using sophisticated ransomware to encrypt the victim’s data and demand a ransom to decrypt it. While law enforcement agencies have made significant strides in cracking down on Cl0p, the group serves as a reminder of the ever-increasing threat of cybercrime in the modern world.

Leave a comment

Your email address will not be published. Required fields are marked *