HomeNewsIndiabulls Group hit by CLOP Ransomware, gets 24-hour leak deadline

Indiabulls Group hit by CLOP Ransomware, gets 24-hour leak deadline

If you purchase via links on our reader-supported site, we may receive affiliate commissions.
cyberghost vpn ad

Unfortunately, Indiabulls Group has been breached by the operators of CLOP Ransomware.

Indiabulls Group is an Indian financial group with a revenue of around $3.5 billion (as of March 31, 2019). The company has about 20,000 employees and subsidiaries that focus on personal finance and lending, pharmaceuticals, infrastructure, and housing.

According to the report, these operators said they've stolen data, which includes 4 spreadsheets related to the Indiabulls Housing Finance Limited and Indiabulls Pharmaceuticals subsidiaries, among the stolen files.

As of now, the operators of CLOP Ransomware have uploaded 6 screenshots of the said files and told Indiabulls to reach out to them within 24 hours.

The report on Bleeping Computer claims that the operators of CLOP Ransomware were responsible for the cyberattack that steals unencrypted files and post a number of them on their leaks site, requesting to be paid to prevent them from uploading the files they took.

As said earlier, the 6 screenshots posted by CLOP Ransomware include a letter, a voucher, and 4 spreadsheets.

Until this moment, we are yet to figure out how the operators of CLOP Ransomware were able to gain access to the data, what's in the leaked data, and the amount of ransom they requested.

According to the reports, Indiabulls has a leaked Citrix Netscaler ADC VPN gateway that's vulnerable to the vulnerability of CVE-2019-19781. If exploited, the vulnerability can give an attacker the chance to remotely do arbitrary code execution for unauthenticated access, according to the info on the support page of Citrix.

In addition, a report by threat Intel firm Bad Packets claimed that in January, more than 25,000 Citrix (Netscaler) endpoints were discovered to be vulnerable to CVE-2019-19891.

In March 2020, it was reported that the operators of CLOP Ransomware also attacked a US pharmaceutical company, ExecuPharm. They stole an unencrypted file of 163GB, and this data have all been leaked ok their website.

About the Author:

Cybersecurity Expert at SecureBlitz | + posts

Fiorella Salazar is a cybersecurity expert, digital privacy advocate, and VPN evangelist based in Canada. She holds an M.Sc. in Cybersecurity from a Canadian university. She is an avid researcher and frequent contributor to several cybersecurity journals and magazines. Her mission is to raise awareness about the importance of digital privacy and the benefits of using a VPN. She is the go-to source for reliable, up-to-date information on VPNs and digital privacy.


Delete Me
Incogni Black Friday Ad
Heimdal Security ad


Please enter your comment!
Please enter your name here