Despite bold claims from a prominent ransomware gang, Home Depot, the largest company on a list of supposed victims, has denied its systems were penetrated. Another victim says it prevented the attack in the first place.
The notorious ransomware gang Cl0p has released yet another list of supposed victims. This time, the gang says it victimized nearly 200 companies, mostly based in the US.
Some of the biggest supposedly victimized organizations include Home Depot’s Mexico branch, major auto parts maker Marelli, cloud computing firm Rackspace Technology, spirits retailers Total Wine & More, and many others.
According to a message on the cartels’ dark web forum, the listed companies ignored Cl0p’s attempts to inform them they were hacked. However, at least one of the supposed victims denied its systems were impacted by any breach.
“We haven’t seen any evidence that Home Depot’s systems were compromised,” a representative from the company told Cybernews.
Meanwhile, Marelli's representatives confirmed the company received a note from the attackers. However, the company's security systems prevented data loss.
“Prior to being notified by this group, we had identified attempted attacks on our systems, which were promptly detected and isolated by our team on the very same day. Thanks to our proactive cybersecurity measures, we have found no evidence to suggest any data has been exfiltrated from our systems or otherwise compromised,” the company explained to Cybernews.
We’ve reached out to several other companies that hackers named among their most recent victims and will update the article once we receive a reply.
Earlier this month, the Russia-linked ransomware cartel published a smaller list with 47 organizations, including DXC Technology and Chicago Public Schools. In late 2024, Cl0p’s attackers hit over 60 organizations by leveraging critical vulnerabilities affecting Cleo software.
Cl0p reached infamy after its affiliates breached hundreds of organizations using the MOVEit Transfer zero-day vulnerability. The exploit was one of the largest-ever hacking campaigns, impacting over 2,600 organizations and almost 90 million individuals.
It’s estimated that the gang earned between $75 to $100 million from the MOVEit hacks alone.
While the gang operates under a well-documented ransomware-as-a-service (RaaS) model – renting its malware to willing affiliates and taking a cut of the profits – it differs from its peers in communication.
The gang says it provides “penetration testing” services to its victims, and stealing the data is only a part of the deal. Unlike other gangs, Cl0p also pioneers the attitude that victims should initiate contact with the attackers.
Updated on February 26th [09:50 a.m. GMT] with a statement from Marelli.
Your email address will not be published. Required fields are markedmarked