A week after Ukrainian law enforcement announced the identification of members of the Clop ransomware gang, hackers published a new batch of data, allegedly obtained from breaches of two additional victims, according to TechCrunch.
\n\n
The database contains confidential data which, the Clop hackers claim, were stolen from agricultural and architectural companies.
\n\n
Ars Technica has yet to verify the authenticity of the information and whether it was obtained from a breach. At the same time, a quick online search for the names listed in the database shows that they match the names of employees of an unnamed company.
\n\n
Representatives of the companies did not respond to requests for comment, and members of Clop did not respond to emails sent to the addresses listed on the group’s dark-web page.
\n\n
If the data’s authenticity is confirmed, this would indicate that the individuals identified in Ukraine are not core figures in the hacker group, but affiliated partners or people who play a smaller role in its operations, Ars notes.
\n\n
In mid-June, Ukrainian law enforcement said they had identified six members of the hacker group behind the Clop ransomware. The cyberpolice also said they had disrupted the group’s infrastructure.
\n\n
However, a ForkLog source said searches were conducted at OTC traders through which the ransomware operators moved bitcoins.
\n\n
Experts from Intel 471 also said that law enforcement carried out raids on individuals handling Clop’s funds, and that the main members of the group are more likely to be in Russia.
\n\n
Read ForkLog’s Bitcoin news on our Telegram — cryptocurrency news, rates and analysis.