Hackers use flaw in popular file transfer tool to steal data, U.S. researchers say
2023.06.01 19:56
© Reuters. FILE PHOTO: A computer keyboard lit by a displayed cyber code is seen in this illustration picture taken on March 1, 2017. REUTERS/Kacper Pempel/Illustration
By Zeba Siddiqui
SAN FRANCISCO (Reuters) – Hackers have stolen data from the systems of a number of users of the popular file transfer tool MOVEit Transfer, U.S. security researchers said on Thursday, one day after the maker of the software disclosed that a security flaw had been discovered.
Software maker Progress Software (NASDAQ:), after disclosing the vulnerability on Wednesday, said it could lead to potential unauthorized access into users’ systems.
The managed file transfer software made by Burlington, Massachusetts-based Progress allows organizations to securely transfer files and data between business partners and customers, and according to the company is used by thousands of organizations.
Google (NASDAQ:)’s Mandiant consulting and cybersecurity firm Rapid7 (NASDAQ:) disclosed on Thursday that they had found a number of cases in which the flaw had been exploited to steal user data.
It wasn’t immediately clear how many users were impacted, but Mandiant Consulting said it was investigating “several” intrusions linked to the bug.
It was not known when the flaw was discovered by hackers. A Progress Software spokeswoman didn’t immediately respond to a request for further comment.
“Mass exploitation and broad data theft has occurred over the past few days,” Charles Carmakal, chief technology officer of Mandiant Consulting, said in a statement.
Such “zero-day,” or previously unknown, vulnerabilities in managed file transfer solutions have led to data theft, leaks, extortion and victim shaming in the past, according to Mandiant.
“Although Mandiant does not yet know the motivation of the threat actor, organizations should prepare for potential extortion and publication of the stolen data,” Carmakal added.
Rapid7 said it had noticed an uptick in cases of compromise linked to the flaw since it was disclosed.
Progress, in a statement on Wednesday, outlined steps users at risk can take to mitigate the impact of the security vulnerability.
