CISA and FBI Release Advisory on CL0P Ransomware Gang Exploiting MOVEit Vulnerability

Home / Articles / External / Government

Source: DVIDS, https://www.dvidshub.net/image/4057720/ransomware-stay-safe
Source: DVIDS, https://www.dvidshub.net/image/4057720/ransomware-stay-safe

June 20, 2023 | Originally published by CISA on June 7, 2023

WASHINGTON – The Cybersecurity and Infrastructure Security Agency (CISA) and Federal Bureau of Investigation (FBI) published a joint Cybersecurity Advisory (CSA) with recommended actions and mitigations to protect against and reduce impact from CL0P Ransomware Gang exploiting MOVEit vulnerability (CVE-2023-3436).

According to open-source information, CL0P Ransomware Gang, also known as TA505, began exploiting a previously unknown structured query language (SQL) injection vulnerability (CVE-2023-34362) in Progress Software’s managed file transfer (MFT) solution known as MOVEit Transfer beginning in May 2023. Internet-facing MOVEit Transfer web applications were infected with a specific malware used by CL0P, which was then used to steal data from underlying MOVEit Transfer databases.

Focus Areas