The Indian Computer Emergency Response Team(CERT-IN) warns Windows users about the new Virus called CLOP. A CLOP is the latest ransomware which is targeting businesses and organisations around the world.

CLOP is the latest ‘virus’ that you need to be careful about

"CLOP" The New Virus, Windows Users Be Careful About It
“CLOP” The New Virus, Windows Users Be Careful About It

Before CLOP virus, macOC users were alerted about the new ThiefQuest virus. If you download apps or Softwares from unofficial sites, then it might be expensive for you later.

According to the CERT-In,

“CLOP is distributed via fake software updates, trojans, cracks, unofficial software download sources, and spam emails. In the recent attack on an Indian conglomerate, it is suspected that the bug (CVE-2019-19781) in the Citrix Netscaler ADC VPN gateway was used to carry out the attack. Unfortunately, as of now no decryptor tool is available for CLOP ransomware.”

Once, your PC is infected with CLOP virus, and it will leak the information if the agreement deal of the ransom fails.

CERT-In said,

“Recently the threat actors behind Clop have stolen and encrypted the sensitive information of various organizations and after the failure of ransom payment, the stolen information was leaked on their “CL0P^_- LEAKS” data leak site, hosted on the dark web. The leaked information includes data backups, financial records, thousands of emails and vouchers etc.”

The latest virus CLOP uses RSA (Rivest-Shamir- Adleman) encryption algorithm and the keys generated are stored on a remote server controlled by Clop operators.

The Updated versions of Clop tried to expand the attack vectors through disabling and removing security solutions like Windows Defender and Microsoft Security Essentials etc. This CLOP virus can install additional password-stealing Trojans and other malware infections.

The ThiefQuest virus locks files in MacOS and then it spies on infected systems. This ransomware encrypts the files, and also install the keylogger, remote shell and steals cryptocurrency wallet-related files from the infected hosts.



LEAVE A REPLY

Please enter your comment!
Please enter your name here