Several US government agencies have been breached by the Cl0p ransomware gang's global hacking campaign in which the hackers exploited a zero-day bug in the MOVEit file transfer platform. Within hours of the US Cybersecurity and Infrastructure Security Agency (CISA) announcing the hack, the gang posted a message on its dark leak site reiterating that it was only financially motivated and had deleted all the information obtained from the US federal agencies.
Multiple US government agencies hit in MOVEit hack 2Source: Bleeping computer
CISA stated that it is providing support to several affected federal agencies but did not provide any details or names. The Cl0p homepage lists the names of 25 victims, including the University of Georgia and several banks. The group threatened to release all the victims' names and stolen data if the ransom was not paid. However, Cl0p released none of the stolen data, even though the original deadline passed.
Cl0p exploited a zero-day vulnerability in MOVEitTransfer, a managed file transfer software system that hundreds of companies worldwide use for securely sending and receiving files.
The US Department of State's Rewards for Justice program announced on 16 June a bounty of up to$10 million for information leading to the Clop ransomware attacks. The State Department has set up a dedicated Tor SecureDrop server for submitting information.