Update: Ransomware Group Used MOVEit Exploit to Steal Data From Dozens of Organizations
Mandiant has attributed the attack to UNC4857, a new threat cluster, and named the delivered webshell LemurLoot. Microsoft, on the other hand, is confident that the threat actor behind the Cl0p ransomware is responsible for the attack.