MOVEit file transfer vulnerability exploited by hackers

Onur Demirkol
Jun 2, 2023

Security researchers have discovered that threat actors are using a serious zero-day flaw in the MOVEit file transfer product in a number of client scenarios.

According to BleepingComputer, MoveIt Transfer from Progress Software has a serious vulnerability that is being exploited by threat actors. The website reported that multiple organizations have been compromised and their data taken, although it is unknown when the exploitation took place and which threat actors are responsible for the attacks.

"Progress has discovered a vulnerability in MOVEit Transfer that could lead to escalated privileges and potential unauthorized access to the environment. If you are a MOVEit Transfer customer, it is extremely important that you take immediate action as noted below in order to help protect your MOVEit Transfer environment while our team produces a patch," reads a security advisory from Progress.

Caitlin Condon, Senior Manager of Security Research at Rapid7, said that the majority of the occurrences appeared to be in the US. Progress issued a security advisory yesterday alerting users to a "Critical" vulnerability in MOVEit MFT and providing workarounds until patches are applied.

"Any organization using MOVEit should forensically examine the system to determine if it was already compromised and if data was stolen. Although Mandiant does not yet know the motivation of the threat actor, organizations should prepare for potential extortion and publication of the stolen data," Mandiant Consulting Chief Technology Officer Charles Carmakal said in an email reported by Bank Info Security.

There is no information available regarding the zero-day vulnerability. However, the flaw is probably a web-facing vulnerability based on the banned ports.

Organizations are highly advised to stop any MOVEit Transfers until a fix for their version is available, then thoroughly investigate the server for signs of compromise before implementing the patch and turning it back on.


What is MOVEit transfer?

Using SFTP, SCP, and HTTP-based uploads, MOVEit Transfer is a managed file transfer (MFT) system created by Ipswitch, a division of Progress Software Corporation in the US, that enables businesses to securely move files between clients and business partners. Well, not that "secure" nowadays.


Previous Post: «
Next Post: «


There are no comments on this post yet, be the first one to share your thoughts!

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

We love comments and welcome thoughtful and civilized discussion. Rudeness and personal attacks will not be tolerated. Please stay on-topic.
Please note that your comment may not appear immediately after you post it.