Piles of money with the State Department logo

The US State Department’s Rewards for Justice program yesterday announced up to $10 million in rewards for information linking the Clop ransomware attacks to a foreign government.

“Do you have information linking CL0P Ransomware Gang or any other malicious cyber actor targeting US critical infrastructure to a foreign government? Send us a tip. You may be eligible for a reward”, tweeted the Rewards for Justice Twitter account.

Rewards of Justice (RFJ) is a US State Department program that provides monetary rewards for information about threat actors and attacks that impact the national security of the United States.

Originally launched to gather information on terrorists targeting US interests, the program has since expanded to include information on cybercriminals, such as the Conti ransomware operation, Russian Sandworm Pirates, REvil ransomwareand the Evil Corp Hacking Group.

Data Breaches at US Federal Agencies

This new RFJ bonus comes after the Clop ransomware carried out data theft attacks about companies around the world using a zero-day vulnerability in the MOVEit Transfer security file transfer platform.

The attacks began on May 27, during the long Memorial Day holiday in the United States, with the Clop ransomware gang claiming to have stolen data from hundreds of companies.

This week, Clop started extorting companies listing their names on a data leak site, promising to start leaking data if a ransom was not paid.

Clop message about MOVEit Transfer attacks
Clop message on MOVEit Transfer attacks​​​

At the same time, CNN first reported that numerous federal agencies, including the Department of Energy, were breached in these attacks, with data likely stolen.

Clop threat actors told BleepingComputer earlier this month that all data stolen from governments is immediately deleted. They reiterated those claims this week in a post on their Tor data, saying they were only financially motivated and not interested in politics.

“We got a lot of emails about government data, we don’t have any government data and anything residing directly on the exposed and poorly protected unencrypted file transfer, we always do the polite thing and delete everything “, reads a message on the Clop location leaked data.

While threat actors claim to delete all data stolen from governments, there is no way to determine if this is actually happening.

Therefore, federal agencies must assume that the stolen data could be abused or potentially acquired by foreign governments.

The Rewards for Justice program hopes to prevent future attacks by enticing people, including other threat actors who may have information about Operation Clop, to submit tips for a $1 million reward.

To submit a tip, the State Department set up a dedicated Tor SecureDrop server which can be used to submit information about Clop and other threat actors.


Source link