Extortion Emails Target Oracle Users, Linked to cl0p Gang

Alphabet’s Google has warned of a wave of extortion emails targeting executives at multiple companies, with senders claiming to have stolen sensitive information from Oracle business applications. The campaign reportedly references Oracle E-Business Suite and appears to be conducted at scale, although Google has not verified the intruders’ claims.

According to Google, a group claiming affiliation with the cl0p ransomware gang is behind the emails. The company noted that it “does not currently have sufficient evidence to definitively assess the veracity of these claims.” Google did not disclose how many organizations were contacted or what specific data may have been taken. Oracle did not immediately respond to requests for comment.

Security researchers report that the ransom demands are substantial. Cynthia Kaiser, head of Halcyon’s Ransomware Research Center, said her firm has seen extortion requests “ranging from millions to tens of millions of dollars, with the highest coming in at $50 million.” She added that attribution is unclear due to overlapping criminal operations and frequent copycat activity. “There’s so much overlap amongst all these groups, and there are copycats across the ecosystem,” Kaiser noted. The cl0p gang, linked to multiple large-scale data theft and extortion incidents, has not clarified its involvement, stating in an email to Reuters that hackers were “not prepared to discuss details at this time.”

Experts advise organizations receiving such emails to avoid engaging with the senders, preserve evidence for investigators, and coordinate with internal security teams and law enforcement. Companies using Oracle E-Business Suite are urged to review access logs, monitor for anomalies, and ensure that the latest patches and identity protections are in place.

