clop attacks Latournerie Wolfrom

Incident Date:

October 19, 2022

World map

Overview

Title

clop attacks Latournerie Wolfrom

Victim

Latournerie Wolfrom

Attacker

Clop

Location

Paris, France

, France

First Reported

October 19, 2022

Clop Ransomware Attacks Law Firm Latournerie Wolfrom

Clop, a notorious ransomware group, has claimed responsibility for an attack on the Paris-based law firm Latournerie Wolfrom. The firm, which has been in operation since 1995, is recognized for its technical expertise, rigor, and willingness to innovate. Latournerie Wolfrom assists clients with legal questions related to their growth and transformation projects while managing financial and reputational risks.

The attack on Latournerie Wolfrom is part of a larger trend of ransomware attacks on various industries. In the first half of 2023, the number of ransomware announcements increased significantly, with 328 announcements compared to the monthly average of 215 in 2022. Clop has been particularly active, exploiting zero-day vulnerabilities in managed transfer tools like MOVEit Transfer.

Clop ransomware uses the .clop extension after encrypting the victim's files and attempts to disable Windows Defender and remove Microsoft Security Essentials to avoid detection. The group has targeted a wide range of organizations, including financial services, universities, and energy companies.

Latournerie Wolfrom's vulnerability to ransomware attacks may be due to the increasing sophistication of threat actors and the evolving tactics, techniques, and procedures (TTPs) used in ransomware attacks. Organizations must remain vigilant and implement robust cybersecurity measures to protect against such threats.

Sources

Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.