{"id":43998,"date":"2025-10-02T11:35:28","date_gmt":"2025-10-02T11:35:28","guid":{"rendered":"https:\/\/quickassetsmarket.com\/index.php\/2025\/10\/02\/hackers-exploit-oracle-systems-executives-hit-with-ransom-demands\/"},"modified":"2025-10-02T11:35:28","modified_gmt":"2025-10-02T11:35:28","slug":"hackers-exploit-oracle-systems-executives-hit-with-ransom-demands","status":"publish","type":"post","link":"https:\/\/quickassetsmarket.com\/index.php\/2025\/10\/02\/hackers-exploit-oracle-systems-executives-hit-with-ransom-demands\/","title":{"rendered":"Hackers exploit Oracle systems, executives hit with ransom demands"},"content":{"rendered":"<div><\/div>\n<p>A high-volume cyberattack has put global corporations on alert as hackers linked to the Cl0p ransomware gang target executives through extortion campaigns. <\/p>\n<p>The attackers claim to have stolen sensitive data from Oracle\u2019s E-Business Suite applications, which are widely used to manage financial transactions, supply chains, and customer records. <\/p>\n<p>According to security researchers, the <a target=\"_blank\" href=\"https:\/\/www.bloomberg.com\/news\/articles\/2025-10-02\/cyber-group-extorting-executives-with-claims-of-stolen-data?srnd=phx-technology\">hackers are sending extortion emails<\/a> to company leaders demanding payments to prevent the release of compromised files. <\/p>\n<p>One such demand reached $50 million, though so far no victim has been confirmed to have paid.<\/p>\n<h2 class=\"wp-block-heading\">Emails sent to company executives<\/h2>\n<p><a target=\"_blank\" href=\"https:\/\/www.reuters.com\/business\/google-says-hackers-are-sending-extortion-emails-executives-2025-10-02\/\">Alphabet\u2019s Google confirmed<\/a> that hackers are contacting executives at numerous organisations, alleging that they have exfiltrated confidential data from Oracle\u2019s systems. <\/p>\n<p>In a statement, Google described the campaign as \u201chigh-volume\u201d but said it does not currently have sufficient evidence to verify the claims. <\/p>\n<p>The emails, which began appearing on or before 29 September, were distributed via hundreds of compromised third-party accounts and share characteristics consistent with previous Cl0p operations.<\/p>\n<p>Investigators noted that the attackers appear to have abused Oracle\u2019s default password-reset function to gain valid credentials for internet-facing portals of the E-Business Suite. <\/p>\n<p>The extortion notes, written in poor English and containing grammatical errors, included screenshots and file trees as supposed proof of access. Contact details embedded in the messages also match those previously associated with Cl0p.<\/p>\n<h2 class=\"wp-block-heading\">Ransom demands and data theft risks<\/h2>\n<p>Cybersecurity firm Halcyon reported that ransom demands have been in the seven- and eight-figure range, with one demand as high as $50 million. <\/p>\n<p>The attackers\u2019 tactic is not limited to encrypting files but involves mass data theft, which can increase pressure on victims to pay. If companies refuse, stolen data could be leaked or sold, creating further regulatory, financial, and reputational damage.<\/p>\n<p>While Google and Halcyon have both linked the campaign to Cl0p, researchers stressed that the full scale of the breach remains unclear. Neither Oracle nor Cl0p responded to requests for comment.<\/p>\n<h2 class=\"wp-block-heading\">Cl0p\u2019s history of large-scale breaches<\/h2>\n<p>Cl0p is known for exploiting vulnerabilities in widely used enterprise software. In 2023, the group carried out a mass attack on the MOVEit file-transfer tool, claiming data from hundreds of organisations including Shell, British Airways owner IAG, and the BBC. <\/p>\n<p>Following that incident, the US Cybersecurity and Infrastructure Security Agency described Cl0p as one of the world\u2019s largest distributors of phishing and malspam, estimating it had compromised more than 3,000 organisations in the US and 8,000 globally.<\/p>\n<p>The current campaign highlights how cybercriminal groups are increasingly focusing on the enterprise platforms that form the backbone of corporate operations. <\/p>\n<p>By compromising applications like Oracle\u2019s E-Business Suite, attackers gain potential access to the most sensitive financial and operational data within large companies. <\/p>\n<p>The scale of ransom demands \u2014 and the fact that executives themselves are being directly targeted \u2014 shows the high stakes involved for organisations dependent on these systems.<\/p>\n<p>The post <a href=\"https:\/\/invezz.com\/news\/2025\/10\/02\/hackers-exploit-oracle-systems-executives-hit-with-ransom-demands\/\">Hackers exploit Oracle systems, executives hit with ransom demands<\/a> appeared first on <a href=\"https:\/\/invezz.com\/\">Invezz<\/a><\/p>\n<p><\/p>\n","protected":false},"excerpt":{"rendered":"<p>A high-volume cyberattack has put global corporations on alert as hackers linked to the Cl0p ransomware gang target executives through extortion campaigns. The attackers claim to have stolen sensitive data from Oracle\u2019s E-Business Suite applications, which are widely used to manage financial transactions, supply chains, and customer records. According to security researchers, the hackers are <\/p>\n","protected":false},"author":1,"featured_media":43999,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[5],"tags":[],"class_list":{"0":"post-43998","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-investing"},"_links":{"self":[{"href":"https:\/\/quickassetsmarket.com\/index.php\/wp-json\/wp\/v2\/posts\/43998","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/quickassetsmarket.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/quickassetsmarket.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/quickassetsmarket.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/quickassetsmarket.com\/index.php\/wp-json\/wp\/v2\/comments?post=43998"}],"version-history":[{"count":0,"href":"https:\/\/quickassetsmarket.com\/index.php\/wp-json\/wp\/v2\/posts\/43998\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/quickassetsmarket.com\/index.php\/wp-json\/wp\/v2\/media\/43999"}],"wp:attachment":[{"href":"https:\/\/quickassetsmarket.com\/index.php\/wp-json\/wp\/v2\/media?parent=43998"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/quickassetsmarket.com\/index.php\/wp-json\/wp\/v2\/categories?post=43998"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/quickassetsmarket.com\/index.php\/wp-json\/wp\/v2\/tags?post=43998"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}