The University of Maastricht (UM) in the Netherlands recently paid a ransom of 30 bitcoin to the decryption key of the CLOP ransomware, which was about 240,000 US dollars at the time. Subsequently, UM disclosed the details of the attack and provided detailed information to help researchers understand how the targeted ransomware attacked.
According to reports, after researching the hacker’s encryption, UM concluded that the only feasible method was to pay a ransom and purchase a decryption key. Because, UM believes that even if it is possible to crack the ransomware, it will take several months to rebuild the basic network architecture, and the research materials may not be recovered, and its students will not be able to take the exam as scheduled.
It is reported that Fox-IT researchers stated in a research report commissioned by UM that the organization behind this particular attack is a criminal group with a long history, often referred to as “TA505.”