Google cybersecurity specialists have uncovered a large-scale cyberattack campaign carried out by the Russian hacking group Clop, which led to the theft of data from dozens of international organizations. TechCrunch reported this, writes UNN.
Details
According to Google, the attackers exploited numerous vulnerabilities in Oracle E-Business Suite corporate software, which is used to manage business processes and to store customer data and employee personnel files.
Having gained access to the companies' internal systems, the hackers stole a significant amount of sensitive information, after which they sent emails to executives with demands for ransom. According to preliminary information, the attacks began on July 10, but they were only discovered three months later.
Oracle officially confirmed the use of its software in hacking operations. Although the company previously stated that all known vulnerabilities had been eliminated in July, a new report acknowledged the existence of a "zero-day" vulnerability – one that the developer was unaware of and that allows remote attacks without entering a login or password.
The Russian group Clop is known for its large-scale attacks on corporate services using vulnerabilities unknown to manufacturers. It was previously involved in breaches of Cleo, MOVEit, and GoAnywhere systems, which led to the leakage of millions of records of personal and financial data.
In its official blog, Google published technical details of the incident, as well as a list of email addresses associated with the hackers, which can help cybersecurity specialists detect compromised Oracle systems and prevent further attacks.
