Hacks target popular file-transfer tool, again
Add Axios as your preferred source to
see more of our stories on Google.
/2024/06/27/1719500498311.gif?w=3840)
Illustration: Aïda Amer/Axios
Hackers have already started attacking a newly discovered critical flaw in popular file-transfer program MOVEit — roughly a year after a similar, widespread hacking spree targeted the same tool.
Why it matters: Malicious actors have moved rapidly to launch attacks against companies using the flaw to steal sensitive documents.
- It's unlikely customers are going to act fast enough to prevent these breaches.
Threat level: At least 1,800 instances of MOVEit were still online as of Thursday, and last year's attacks impacted thousands of organizations, including airlines, banks and government agencies.
- "Patch or take your MOVEit appliance offline," Rob Joyce, former cybersecurity director at the National Security Agency, wrote Wednesday on X. "The regret factor will be high."
Zoom in: The vulnerability allows intruders to bypass the authentication process in MOVEit that enables encrypted file transfers.
- If successful, a hacker could download, delete, intercept or tamper with files that have been stored in the program.
- The vulnerability has received a severity score of 9.1 out of 10.
- MOVEit has released a patch for the issue, but it noted that it has also found vulnerabilities in a third-party vendors' tech that haven't been patched yet.
The big picture: Companies have been wrestling with a swarm of supply chain attacks — where hackers target flaws in companies' tech vendors' systems and use those as a launching pad to steal customer information.
What we're watching: The impact of this week's vulnerability is still unknown.
- Last year, the number of ransomware attacks in June doubled from the same month the year before in part because of the MOVEit flaws.
