clop attacks DUTTONFIRM

Incident Date:

April 3, 2022

World map



clop attacks DUTTONFIRM






Waterloo, USA

Iowa, USA

First Reported

April 3, 2022

Dutton Law Firm Targeted by Clop Ransomware Group

Company Overview

The Dutton Law Firm, a legal services provider based in Waterloo, Iowa, has been targeted by the Clop ransomware group. The attack was announced on the dark web leak site of the ransomware group, which also provided a link to the victim's website.

The Dutton Law Firm has been in operation since 1918 and offers a range of legal services, including financial advisor fraud, will contests, car accidents, lender liability, trust contests, personal injury, and estate dispute litigation. The firm has a strong reputation in the legal industry, with a focus on providing outstanding legal service to its clients.

Vulnerabilities and Targeting

The specific vulnerabilities that led to the Dutton Law Firm being targeted by the Clop ransomware group are not publicly disclosed. However, it is known that Clop is a ransomware that uses the .clop extension after encrypting the victim's files and attempts to disable Windows Defender and remove Microsoft Security Essentials to avoid detection.

Industry Impact

The legal services sector, including law firms and legal services, has been a target for ransomware attacks in recent years. In 2021, the Ward Arcuri Foley & Dwyer law firm was also targeted by the Clop ransomware group. These attacks can result in significant financial and reputational damage to the targeted organizations, as well as potential data breaches and loss of client trust.

Mitigation Strategies

To mitigate the risks of ransomware attacks, organizations should implement robust cybersecurity measures, including regular software updates, employee training, and the use of antivirus software. In the event of an attack, it is crucial to have a well-defined incident response plan in place to minimize the impact and ensure a swift recovery.


Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.