Technology NewsTechnology NewsTechnology News
  • Computing
  • AI
  • Robotics
  • Cybersecurity
  • Electric Vehicle
  • Wearables
  • Gaming
  • Space
Reading: Clop Demands Payment From Oracle Users via Targeted Emails
Share
Font ResizerAa
Technology NewsTechnology News
Font ResizerAa
Search
  • Computing
  • AI
  • Robotics
  • Cybersecurity
  • Electric Vehicle
  • Wearables
  • Gaming
  • Space
Follow US
  • Cookie Policy (EU)
  • Contact
  • About
© 2025 NEWSLINKER - Powered by LK SOFTWARE
Cybersecurity

Clop Demands Payment From Oracle Users via Targeted Emails

Highlights

  • Clop group targets Oracle E-Business Suite users with extortion emails.

  • Attackers use third-party compromised accounts to boost credibility.

  • Security experts advise organizations to avoid ransom payments.

Ethan Moreno
Last updated: 2 October, 2025 - 10:49 pm 10:49 pm
Ethan Moreno 3 hours ago
Share
SHARE

Executives and managers across organizations recently received emails from the Clop ransomware group, warning them of alleged breaches involving Oracle’s E-Business Suite application. These communications attempt to treat the extortion as a strictly financial matter, asserting no political or ideological motivation. Recipients were promised proof of the breach in the form of selected stolen files and faced a stark ultimatum tied to a payment deadline. The messages, written in flawed English, sought to pressure Oracle customers to pay ransoms to prevent the publication or sale of their stolen information. Cybersecurity researchers have stressed that these tactics are intended to create urgency and leverage reputational and regulatory risks.

Contents
How Did Clop Contact Oracle Customers?What Did Clop’s Emails Offer or Threaten Recipients With?What Stance Have Oracle and Security Experts Taken?

Earlier reporting on ransomware campaigns showed Clop’s pattern of focusing on financial gain rather than causing operational disruptions or targeting specific countries. Other incidents involving Clop also included offering “proof of breach” and portraying themselves as fulfilling their promises upon payment, often referencing prior deals with victims. Recent attacks mirror these established methods, but the scale involving Oracle E-Business Suite users and the use of compromised third-party email accounts indicate evolving approaches in how Clop establishes credibility and pressures victims. Absent in previous disclosures are such direct and widespread contact with executives via compromised unrelated accounts, highlighting tactical shifts.

How Did Clop Contact Oracle Customers?

Researchers found that the Clop group sent emails to Oracle users via hundreds of compromised third-party email accounts, an approach that made detection more difficult and lent perceived legitimacy to the correspondence. Austin Larsen from Google’s Threat Intelligence Group noted the prevalence of this tactic, explaining that cybercriminals often acquire credentials from infostealer malware logs available on underground forums to bypass spam filters. The campaign did not involve mass spam, but rather targeted individuals positioned to make decisions under pressure.

What Did Clop’s Emails Offer or Threaten Recipients With?

The extortion messages detailed that Clop would provide concrete evidence of the alleged breach, offering to supply up to three files or data rows upon request. Threats of serious consequences were explicit; the group warned that the fallout from not paying would far exceed the ransom demand, referencing financial losses, reputational harm, and regulatory penalties. Clop’s messaging repeatedly emphasized their intent to monetize the breach without causing broader damage, stating “We do not seek political power or care about any business.”

What Stance Have Oracle and Security Experts Taken?

Although Oracle has not released any public statements on these claims, security analysts remain cautious about confirming whether a breach actually occurred or if the Clop group is definitively behind the emails. The contact information and communication style are consistent with Clop’s past operations, adding weight to their claim of involvement. As one email insisted:

“We always fulfil all promises and obligations. We are not interested in destroying your business. We want to take the money and you not hear from us again.”

The group reinforced the pressure by reminding,

“Please convey this information to your executive and managers as soon as possible. We advice not reach point of no return.”

With this latest incident, the Clop group continues to refine its methods, applying direct social pressure to executives and leveraging third-party account compromise as a vector. For organizations using Oracle E-Business Suite, these messages are a reminder that robust incident response planning and regular credential hygiene remain essential. If approached by threat actors claiming access or control, companies should avoid direct engagement, gather forensic evidence, and report to relevant authorities. Paying ransom does not guarantee deletion of stolen data or non-disclosure and could incentivize repeat targeting. A coordinated response involving cyber security professionals and legal counsel remains the advised path to minimize further business risk.

You can follow us on Youtube, Telegram, Facebook, Linkedin, Twitter ( X ), Mastodon and Bluesky

You Might Also Like

Red Hat Reports Consulting Data Breach in GitLab System

North Korean Operatives Target Firms Globally Through Remote Job Infiltration

Clop Ransomware Group Targets Oracle Users with Data Theft Threats

Security Experts Warn of Exploitation Risks in GoAnywhere MFT Flaw

Federal Agencies Respond to Cisco Zero-Day Attacks, Assessment Continues

Share This Article
Facebook Twitter Copy Link Print
Ethan Moreno
By Ethan Moreno
Ethan Moreno, a 35-year-old California resident, is a media graduate. Recognized for his extensive media knowledge and sharp editing skills, Ethan is a passionate professional dedicated to improving the accuracy and quality of news. Specializing in digital media, Moreno keeps abreast of technology, science and new media trends to shape content strategies.
Previous Article ZA/UM Workers Form Union as Studio Prepares Zero Parades Launch
Next Article Microbot Medical Secures Japanese Patent for LIBERTY Robotic System

Stay Connected

6.2kLike
8kFollow
2.3kSubscribe
1.7kFollow

Latest News

Microbot Medical Secures Japanese Patent for LIBERTY Robotic System
Robotics
ZA/UM Workers Form Union as Studio Prepares Zero Parades Launch
Gaming
Tesla Boosts Deliveries as Tax Credit Deadline Drives Surge
Electric Vehicle Technology
Larian Boss Criticizes Fast, Costly Game Development Trends
Gaming
Major Space Missions Set to Launch as October Progresses
Technology
NEWSLINKER – your premier source for the latest updates in ai, robotics, electric vehicle, gaming, and technology. We are dedicated to bringing you the most accurate, timely, and engaging content from across these dynamic industries. Join us on our journey of discovery and stay informed in this ever-evolving digital age.

ARTIFICAL INTELLIGENCE

  • Can Artificial Intelligence Achieve Consciousness?
  • What is Artificial Intelligence (AI)?
  • How does Artificial Intelligence Work?
  • Will AI Take Over the World?
  • What Is OpenAI?
  • What is Artifical General Intelligence?

ELECTRIC VEHICLE

  • What is Electric Vehicle in Simple Words?
  • How do Electric Cars Work?
  • What is the Advantage and Disadvantage of Electric Cars?
  • Is Electric Car the Future?

RESEARCH

  • Robotics Market Research & Report
  • Everything you need to know about IoT
  • What Is Wearable Technology?
  • What is FANUC Robotics?
  • What is Anthropic AI?
Technology NewsTechnology News
Follow US
About Us   -  Cookie Policy   -   Contact

© 2025 NEWSLINKER. Powered by LK SOFTWARE
Welcome Back!

Sign in to your account

Register Lost your password?