- Hackers exploited Oracle E-Business Suite via compromised emails.
- Clop ransomware gang demands large ransoms using data leaks.
- Companies must enforce strong security and employee awareness.
A notorious ransomware gang is reportedly targeting executives at major companies, claiming to have stolen sensitive information from Oracle’s widely used E-Business Suite. Google cybercrime analysts say the attacks began around September 29, with hundreds of compromised email accounts sending extortion messages to corporate leaders.
Google’s head of cybercrime analysis, Genevieve Stark, confirmed that the tech giant has not yet verified the hackers’ claims. Nevertheless, the emails have raised alarm across industries, as they leverage sophisticated tactics to pressure victims into paying substantial ransoms.
Clop Ransomware: A Growing Threat
The extortion emails are linked to the Clop ransomware gang, a group notorious for exploiting zero-day vulnerabilities—previously unknown software flaws that allow hackers to bypass security measures. Clop has successfully breached hundreds of organizations over the years, compromising data of tens of millions of people.
Mandiant CTO Charles Carmakal noted that the emails contained contact addresses listed on Clop’s data leak site, a tool hackers use to intimidate victims into paying to remove stolen files. Bloomberg reports that in one case, the group demanded $50 million from a targeted company.
How Hackers Accessed Oracle Systems
Investigators say the hackers abused default password-reset features and used compromised emails to gain credentials for Oracle E-Business Suite web portals. These portals, accessible via the internet, manage critical company functions including customer databases, employee records, and human resources files.
Oracle’s E-Business Suite serves thousands of organizations worldwide, making it a high-value target for cybercriminals. While Oracle has not commented publicly on the incident, cybersecurity experts urge firms to review access controls and enforce strong authentication measures.
Protecting Your Business
This latest campaign underscores the urgent need for proactive cybersecurity. Executives and IT teams are encouraged to verify unusual emails, monitor account activity, and ensure all software updates are applied promptly. Awareness and vigilance remain the most effective defenses against ransomware threats targeting high-level business data.
Also Read: Amazon, Google, Microsoft Warn H-1B Workers: Stay in the US Amid Trump’s $100K Visa Fee
As ransomware groups like Clop escalate attacks on corporate executives, companies using Oracle’s E-Business Suite must tighten security and educate employees about phishing and extortion tactics. The digital landscape increasingly rewards preparedness over reaction, and prevention is now the first line of defense.
Disclaimer: The information in this article is for general purposes only and does not constitute financial advice. The author’s views are personal and may not reflect the views of CoinBrief.io. Before making any investment decisions, you should always conduct your own research. Coin Brief is not responsible for any financial losses.
