The Clop ransomware gang has claimed responsibility for the recent Cleo data theft attacks, which exploited zero-day vulnerabilities to breach corporate networks and steal sensitive information. The attacks targeted Cleo’s managed file transfer platforms, including Cleo Harmony, VLTrader, and LexiCom, which companies use to securely exchange files with business partners and customers. A vulnerability tracked as CVE-2024-50623 was initially fixed in October, but a subsequent patch was found to be incomplete, allowing threat actors to exploit the flaw. The attackers uploaded a Java backdoor, enabling them to steal data, execute commands, and gain further access to compromised networks. This incident highlights the importance of regular security updates and monitoring for vulnerabilities in file transfer platforms.
Source: https://www.bleepingcomputer.com/news/security/clop-ransomware-claims-responsibility-for-cleo-data-theft-attacks