Clop ransomware operators seized confidential information held by the British police, according to the media, and the cybercriminal group targeted the IT firm Dacoll. According to the media, cybercriminals used a phishing attack to compromise the company's systems, which had access to the police national computer. The Mail reported the security breach on December 19, 2021, while the gang released the stolen material on its leak site on the dark web.
Clop Ransomware, a member of the well-known Cryptomix ransomware family, is a nasty file-encrypting virus that deliberately avoids unprotected systems and encrypts saved files by planting the .Clop extension. It uses the AES cypher to encrypt images, videos, music, databases, papers, and attaches the .CLOP or.CIOP file extension which stops victims from accessing personal information. For instance, "sample.jpg" is renamed "sample.jpg.Clop."
Clop virus gets its name from the Russian word "klop," which means "bed bug" — an insect of the genus Cimex that feeds on human blood at night. Clop ransomware is regarded as extremely severe malware due to the virus's ability to infect the majority of operating system versions, including Windows XP, Windows 7, Windows 8, Windows 8.1, and Windows 10.
The security breach occurred in October, when Clop ransomware operators obtained access to Dacoll data, including that of the PNC, which contained personal information and records for 13 million people. Dacoll, while confirming the data breach said, “We can confirm we were the victims of a cyber incident on October 5.”
“We were able to quickly return to our normal operational levels. The incident was limited to an internal network not linked to any of our clients’ networks or services.”
“The cyber-criminal gang Clop has released some of the material it plundered from an IT firm that handles access to the police national computer (PNC) on the so-called ‘dark web’ – with the threat of more to follow.” reported the Daily Mail. “Clop is believed to have demanded a ransom from the company, Dacoll, after launching a ‘phishing’ attack in October."
Dacoll declined to pay and did not reveal the sum of the ransomware gang's demand. Photographs of motorists exfiltrated from the National Automatic Number Plate Recognition (ANPR) system, footage, and close-up images of the faces of drivers who have committed traffic offenses are among the stolen information.