Oracle Customers Hit by Extortion Emails After Vulnerability Exploits

Oracle's E-Business Suite users face extortion threats over alleged data theft, linked to Cl0p and FIN11, exploiting unpatched vulnerabilities.

By Content Team

Oct 3, 2025

ON THIS PAGE

Share

---

ON THIS PAGE

Want more insights like this?

Subscribe to our newsletter to get the latest software protection strategies delivered to your inbox.

By submitting your email, you consent to Codekeeper contacting you and agree to our privacy policy.

Oracle confirmed that customers using its E-Business Suite software have received extortion emails claiming sensitive data theft. The company's investigation suggests attackers exploited known vulnerabilities that were patched in Oracle's July 2025 Critical Patch Update, which fixed around 200 flaws.

Google Threat Intelligence and Mandiant researchers discovered the extortion campaign, with emails allegedly coming from the notorious Cl0p cybercrime group and sent from accounts linked to FIN11. While researchers haven't verified the hackers' theft claims, both groups have previously targeted enterprise software vulnerabilities.

Oracle's July update addressed nine E-Business Suite vulnerabilities, including three remotely exploitable flaws without authentication and three high-severity issues. This follows Oracle's earlier admission that hackers stole data from a legacy cloud environment.

Source: SecurityWeek

Share this article

Have questions about protecting your software?

Our escrow experts are standing by to help.

Book a free demo

YOU MAY ALSO LIKE

Vietnamese Hackers Target Job Seekers with 'Vampire Bot' Surveillance Malware

Oct 9, 2025

Google Sues China-Based Scammers Behind Massive Text Phishing Operation

Nov 13, 2025

Congressional Budget Office Hit by Suspected Foreign Cyberattack

Nov 7, 2025

Manufacturing Hit Hard by Ransomware as Security Gaps and Skills Shortages Leave Sector Vulnerable

Dec 9, 2025