Clop Ransomware

A variant of the CryptoMix, Clop ransomware is spreading via executables with legitimate digital signatures and is targeting entire networks instead of individual users.

  • CLOP ransomware belongs to CryptoMix ransomware family. The ransom note indicates that the attackers are targeting an entire network rather than an individual computer.

  • Clop ransomware uses similar processes like Maze and Revil to steals data before encrypting the company systems, so even if the company refuses to pay the ransom the operators behind them can still make some profit by selling the stolen data on Dark Web markets.