• Sat. Oct 14th, 2023

Clop Hackers Extorts Companies via MOVEit

Avatar photo


Jul 13, 2023
Clop Hackers Extorts Companies via MOVEit

Companies targeted by a massive assault that used a zero-day vulnerability in MOVEit Transfer are the focus of a money-extortion campaign launched by the Clop ransomware gang. While Shell and many US federal agencies have acknowledged the intrusion, these thieves have already started releasing the names of the victims’ firms on their leak site.

The CVE-2023-34362 flaw in MOVEit Transfer was discovered around the beginning of June 2023. This brought about a significant occurrence. All versions of the application were vulnerable, and there have been recorded attacks dating back to May 27, 2023.

Zero-Day Vulnerability in MOVEit Transfer

By taking advantage of this flaw, the attackers set up personalized web shells on the servers that were at risk, giving them access to the files on those servers, the ability to download those files, and the ability to steal Azure Blob Storage account information.

The infamous Clop ransomware organization has therefore been associated with these attacks, according to Microsoft experts.

What Else is Known?

In addition, the MOVEit Transfer zero-day vulnerability was targeted by the Clop ransomware group in order to launch an extortion campaign against businesses affected by the massive assault. The hackers have already revealed the names of the affected firms on their leak site, and Shell and other US federal agencies have recognized the attack. The well-known Clop ransomware gang has been connected to these attacks by Microsoft analysts.