Back to Ransomware


Financial conglomerate Indiabulls struck by ransomware attack

Indiabulls, a financial services group based in India, has confirmed a CLOP ransomware attack. The attackers threatened to leak stolen data if the company failed to pay ransom within 24 hours.

Cyble, a United States-based cyber threat intelligence company, notified the company about the breach. The CLOP threat actors posted snapshots of highly sensitive, bank-related documents, such as transaction details, vouchers, letters sent to bank managers, and more.

The CLOP ransomware group steals unencrypted files before deploying the ransomware. The leaked files are posted on its ‘CLoP^_- LEAKS’ data leak site.

The Indiabulls Group is a diversified financial services group with interests in housing finance, consumer finance, and personal wealth. The Group also has a presence in real estate, pharmaceuticals, lighting, and infrastructure and construction equipment leasing. The public company has a net worth of more than ₹ 28,580 Cr. (as of 31st March, 2019), according to its website.

Indiabulls has not publicly released how much the CLOP group is demanding for a ransom, or when the attack occurred. The CLOP ransomware group also targeted the U.S.-based pharmaceutical firm ExecuPharm in March.

Ransomware attacks can be costly. Invest in a tool like ManageEngine DataSecurity Plus to secure data and mitigate ransomware attacks. Download a free, 30-day trial of DataSecurity Plus today.

How ManageEngine can help.

Investing in a ransomware detection tool helps you detect and respond to ransomware attacks in real time to minimize the impact on your organization. Here are some best practices DataSecurity Plus can help you implement to handle ransomware attacks.

  • Detect ransomware with real-time mass access alerts. Monitor the frequency of file modifications by a user, and issue alerts whenever the number of modifications crosses a threshold within a specified time.
  • Quarantine ransomware and shut down infected devices with a customizable and automated response system. Set automated alert responses through the execution of a batch file to respond to mass access alerts.
  • View in-depth details of events for further investigation. Generate customizable, audit-ready reports on all file-related changes, access attempts, and share permissions.

Learn more about the eight best practices that can help you avoid cyberattacks and protect your organization. Start your free, 30-day trial of DataSecurity Plus today.

© 2022 Zoho Corporation Pvt. Ltd. All rights reserved.


Stay In The Know

Thank you

You will receive weekly cybersecurity news soon!

  • Please enter a business email id
    By clicking 'I'm Interested', you agree to processing of personal data according to the Privacy Policy.