The United States government has unveiled a $10 million reward for any information that can establish a connection between the notorious Clop ransomware gang and a foreign government. This move was initiated by the US State Department’s Rewards for Justice (RFJ) program, which was originally created to collect information on terrorist activities targeting the US.
“Do you have info linking CL0P Ransomware Gang or any other malicious cyber actors targeting US critical infrastructure to a foreign government? Send us a tip. You could be eligible for a reward. #StopRansomware,” reads a tweet on the official RFJ Twitter account.
The RFJ program has since evolved to address the rising concern of cybercrime, gathering intelligence on cybercriminal groups, such as the Conti, REvil, and Evil Corp as well as individual hackers like Wazawaka.
The announcement comes after the Clop gang exploited a zero-day vulnerability in the MOVEit Transfer file transfer platform. Through these attacks, Clop gained access to critical data from multiple companies worldwide, holding it hostage and using it to demand ransoms from the victims. In an attempt to apply pressure on the victims, the gang started listing targeted companies on a dedicated leak website, threatening to expose sensitive data if the ransom is not paid.
While the US government suspects that the clop gang has ties to a foreign government, the members of the gang claim that their motivations are purely financial and deny any political involvement. They also claim that any data stolen from government sources is promptly deleted.
“We don’t have any government data and anything directly residing on exposed and bad protected not encrypted file transfer we still do the polite thing and delete all,” clop wrote on its site.
To facilitate the submission of information, the State Department has established a dedicated Tor SecureDrop server that allows the public to share anonymous and crucial information about the Clop gang or any dangerous threat actors.
The introduction of the substantial US bounty signals the country’s determination to defend its infrastructure, combat cybercriminal activities, and maintain national security in the face of an escalating digital crime landscape.