Hackers Exploit Security Flaw in Popular File Transfer Tool MOVEit to Steal User Data

Hackers have stolen data from the systems of several users of popular file transfer tool MOVEit Transfer, US security researchers said on Thursday, a day after the software’s maker announced that a vulnerability had been discovered.

Software maker Progress Software Corp, after announcing the vulnerability on Wednesday, said it could potentially lead to unauthorized access to users’ systems.

Based in Burlington, Massachusetts, the company’s managed file transfer software enables companies to transfer files and data between business partners and customers.

It was not immediately clear which or how many organizations were using the software or affected by possible violations. Ian Pitt, chief information officer, declined to reveal those details, but said Progress Software has been providing fixes since discovering the vulnerability late May 28.

The software’s cloud-based service of the same name was also affected, he told Reuters.

“Currently we are not seeing any utilization of the cloud platform,” he said.

Cybersecurity firm Rapid7 and Mandiant Consulting — owned by Alphabet’s Google — said they’d found a number of cases where the data-stealing vulnerability had been exploited.

“The past few days have seen mass exploitation and widespread data theft,” Charles Carmakal, Mandiant Consulting’s chief technology officer, said in a statement.

Such “zero-day” or previously unknown vulnerabilities in managed file transfer solutions have historically led to data theft, leaks, extortion and victim shaming, Mandiant said.

“Although Mandiant does not yet know the threat actor’s motivation, organizations should prepare for possible blackmail and disclosure of the stolen data,” Carmakal said.

Rapid7 said it has seen an increase in breach cases related to the bug since the disclosure.

Progress Software has outlined steps that vulnerable users can take to mitigate the impact of the vulnerability.

Pitt did not comment on who might have attempted to steal data by exploiting the vulnerability.

“We have no evidence that it’s being used to spread malware,” he said.

MOVEit Transfer has been used by a relatively “small” number of customers compared to more than 20 of the company’s other software products, he said.

“We have forensics partners on board and are working with them to ensure we continue to understand the situation better.”

© Thomson Reuters 2023

Apple’s annual developer conference is just around the corner. From the company’s first mixed reality headset to new software updates, we cover everything we’re looking forward to at WWDC 2023 on Orbital, the Gadgets 360 podcast. Orbital is available on Spotify, Gaana, JioSaavn, Google Podcasts, Apple Podcasts, Amazon Music and wherever you get your podcasts.
Affiliate links may be automatically generated – see our Ethics Statement for details.

Previous articleThrough race to promote the city, let the Dragon Boat Race into the “Enyang time”
Next articleDavid Warner is looking good for WTC final: Usman Khawaja | Cricket News