The Cl0p Ransomware Gang Attacks NetScout Systems

The Cl0p ransomware gang has attacked NetScout Systems. NetScout Systems, Inc. is a technology company that specializes in providing solutions for network and application performance monitoring, diagnostics, and security. The company's products and services help organizations ensure the optimal functioning and security of their IT infrastructure, including networks, applications, and services.

NetScout offers a range of products and solutions that assist IT professionals in identifying and resolving network and application performance issues, as well as detecting and mitigating cybersecurity threats. Cl0p posted NetScout Systems to its data leak site on August 15th but provided no further details.

Cl0p: A Major Ransomware-as-Service Platform

Cl0p is a major Ransomware-as-service (RaaS) platform first observed in 2019. Cl0p is a dangerous ransomware family because it has advanced anti-analysis capabilities and anti-virtual machine analysis to prevent investigations in an emulated environment like those commonly used by security tools. Cl0p is one of just a handful of threat actors that have developed a Linux version.

While Linux has a tiny footprint in desktop computing, it runs ~80% of web servers and a substantial portion of embedded devices used in the healthcare field – and this means that Cl0p is likely actively recruiting new talent to help improve their platform and expand the scope of what and whom they can attack.