CLOP Ransomware Activity Spiked in April

In just one month, the ransomware group's activity rose by 2,100%, a new report finds.

Dark Reading Staff, Dark Reading

May 25, 2022

1 Min Read
Screen shot of ransomware notice that a system has been breached.
Source: JAM via Alamy Stock Photo

While on the whole the ransomware landscape remained fairly stable between March and April, a new analysis shows a sizable hike in attack activity from the CLOP ransomware group.

The NCC Group April Threat Pulse update says that the CLOP ransomware group leapfrogged from dead last to the fourth most active group for the month, a 2,100% increase over March. 

The industrial sector was most targeted in April, suffering 35% of ransomware attacks, followed by consumer cyclicals (19%) and technology (10%), according to NCC. 

CLOP appears to favor targeting the industrial and technology sector, the researchers warn. 

"The increase in CL0P's activity seems to suggest they have returned to the threat landscape," Matt Hull, global lead for strategic threat intelligence at NCC Group, said in a statement about the new ransomware group activity findings. "Organizations within CL0P's most targeted sectors — notably industrials and technology — should consider the threat this ransomware group presents, and be prepared for it." 

About the Author

Dark Reading Staff

Dark Reading

Dark Reading is a leading cybersecurity media site.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like


More Insights