Ransomware

Massive Oracle E-Business Suite breach claimed by Clop ransomware

(Adobe Stock)

Organizations using Oracle's E-Business Suite have been bombarded by data extortion emails from the Clop ransomware operation, reports CyberScoop.

Hundreds of breached third-party accounts were noted by Google Threat Intelligence Group Head of Cybercrime and Information Operations Intelligence Analysis Genevieve Stark to have been harnessed to send emails to company executives on or before Sept. 29.

Despite the lack of specific demands, illicit emails sent by attackers had contact information listed on Clop's data leak site, according to Mandiant Consulting Chief Technology Officer Charles Carmakal.

"The primary indicators of this new campaign are the extortion emails themselves and the use of email addresses associated with the Clop data leak site. At this time, we do not have evidence of a successful data breach or a specific malware family associated with this particular campaign," said Stark.

Further investigation into the veracity of the claims, as well as the potential initial access vector, is underway amid a lack of public disclosure from Clop.

An In-Depth Guide to Ransomware

Get essential knowledge and practical strategies to protect your organization from ransomware attacks.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

You can skip this ad in 5 seconds