CISA and FBI Release Advisory on CL0P Ransomware Gang Exploiting MOVEit Vulnerability

Home / Articles / External / Government

Source: DVIDS,
Source: DVIDS,

June 20, 2023 | Originally published by CISA on June 7, 2023

WASHINGTON – The Cybersecurity and Infrastructure Security Agency (CISA) and Federal Bureau of Investigation (FBI) published a joint Cybersecurity Advisory (CSA) with recommended actions and mitigations to protect against and reduce impact from CL0P Ransomware Gang exploiting MOVEit vulnerability (CVE-2023-3436).

According to open-source information, CL0P Ransomware Gang, also known as TA505, began exploiting a previously unknown structured query language (SQL) injection vulnerability (CVE-2023-34362) in Progress Software’s managed file transfer (MFT) solution known as MOVEit Transfer beginning in May 2023. Internet-facing MOVEit Transfer web applications were infected with a specific malware used by CL0P, which was then used to steal data from underlying MOVEit Transfer databases.

Focus Areas