The US government has recently taken a significant step in its efforts to combat cybercrime by announcing a $10 million reward for information that could lead to the identification of a foreign government in collusion with the Clop ransomware group. This initiative has been launched under the auspices of the Rewards for Justice (RFJ) program of the US State Department, which was originally conceived to thwart terrorist activities aimed at the United States. This bold move is expected to deter nefarious actors from engaging in such illicit activities and to prompt informants to come forward with crucial information.
Below is a tweet from the official RFJ Twitter account –
Advisory from @CISAgov, @FBI: https://t.co/jenKUZRZwt
Do you have info linking CL0P Ransomware Gang or any other malicious cyber actors targeting U.S. critical infrastructure to a foreign government?
Send us a tip. You could be eligible for a reward.#StopRansomware pic.twitter.com/fAAeBXgcWA
— Rewards for Justice (@RFJ_USA) June 16, 2023
The RFJ program has continued to evolve to effectively combat the rising threat of cybercrime. It now focuses on gathering critical intelligence on notorious cybercriminal groups, including Conti, REvil, and Evil Corp, as well as individual hackers like Wazawaka. This program is dedicated to staying ahead of the latest cybersecurity challenges and providing timely support to those in need.
Following the Clop gang’s exploitation of a zero-day vulnerability in the MOVEit Transfer file transfer platform, leading to the unauthorized access of crucial data from multiple companies worldwide, the gang has used these attacks to hold data hostage and extort ransoms from their victims. In a bid to increase pressure on the victims, the group has created a dedicated leak website, listing targeted companies and threatening to expose sensitive data if the ransom is not paid.While the US government suspects the Clop gang has ties to a foreign government, the group denies any political involvement and claims its motivations are purely financial. They have also asserted that any data obtained from government sources is promptly deleted.
On Clop’s website, they have mentioned that they do not possess any governmental data and in case of non-encrypted file transfers, they ensure deletion of all data as a measure of courtesy.
The State Department has made it easy for people to share anonymous and critical information about the Clop gang or other dangerous threat actors through a dedicated Tor SecureDrop server. This platform makes it possible for concerned individuals to submit their information securely and without fear of being identified.
The introduction of a substantial US bounty indicates the nation’s resolute stance in protecting its infrastructure, fighting cybercriminal activities, and maintaining national security amidst the growing number and sophistication of digital crimes. It’s a clear indication of the US government’s commitment to ensuring the safety and security of its citizens.