Select Page

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and Federal Bureau of Investigation (FBI) have published a joint advisory regarding the active exploitation of a recently disclosed critical flaw in Progress Software’s MOVEit Transfer application to drop ransomware.

“The Cl0p Ransomware Gang, also known as TA505, reportedly began exploiting a previously unknown SQL injection vulnerability in Progress Software’s managed file transfer (MFT) solution known as MOVEit Transfer,” the agencies said.

“Internet-facing MOVEit Transfer web applications were infected with a web shell named LEMURLOOT, which was then used to steal data from underlying MOVEit Transfer databases.”

The prolific cybercrime gang has since issued an ultimatum to several impacted businesses, urging them to get in touch by June 14, 2023, or risk getting all their stolen data published.

images from Hacker News