After a month of silence, the group finally began to demand money from the victims of the latest attack.
In mid-February, the Clop ransomware gang publicly claimed to have stolen the data of more than 130 companies through a zero-day vulnerability in Fortra's GoAnwhere MFT product. Now the group has begun extorting money from companies whose data was stolen in the hack.
Since the public announcement by Clop, only 2 of the 130 companies they have announced, Community Health Systems and Hatch Bank, have officially confirmed that their data was indeed stolen during the attack on the GoAnywhere MFT.
On March 10, the Clop ransomware gang listed on its onion website a list of 7 companies whose data may soon be leaked to the public. Some companies affected by the leak have already stated that the hackers did contact them, but the amount of the ransom money requested by the attackers is still unknown.
I wonder what the mood is now reigning in the company Fortra? Just 1 small vulnerability brought such enormous damage to hundreds of organizations at once. You definitely cannot envy the employees responsible for such a large-scale leak. Let's hope the company doesn't go bankrupt and decide to close after this incident.