Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
×
Security

New Victims Come Forward After Mass-Ransomware Attack (techcrunch.com) 13

The number of victims affected by a mass-ransomware attack, caused by a bug in a popular data transfer tool used by businesses around the world, continues to grow as another organization tells TechCrunch that it was also hacked. From the report: Canadian financing giant Investissement Quebec confirmed to TechCrunch that "some employee personal information" was recently stolen by a ransomware group that claimed to have breached dozens of other companies. Spokesperson Isabelle Fontaine said the incident occurred at Fortra, previously known as HelpSystems, which develops the vulnerable GoAnywhere file transfer tool. Hitachi Energy also confirmed this week that some of its employee data had been stolen in a similar incident involving its GoAnywhere system, but saying the incident happened at Fortra.

Over the past few days, the Russia-linked Clop gang has added several other organizations to its dark web leak site, which it uses to extort companies further by threatening to publish the stolen files unless a financial ransom demand is paid. TechCrunch has learned of dozens of organizations that used the affected GoAnywhere file transfer software at the time of the ransomware attack, suggesting more victims are likely to come forward. However, while the number of victims of the mass-hack is widening, the known impact is murky at best. Since the attack in late January or early February -- the exact date is not known -- Clop has disclosed less than half of the 130 organizations it claimed to have compromised via GoAnywhere, a system that can be hosted in the cloud or on an organization's network that allows companies to securely transfer huge sets of data and other large files.

This discussion has been archived. No new comments can be posted.

New Victims Come Forward After Mass-Ransomware Attack

Comments Filter:
  • GoAnywhere, a system that can be hosted in the cloud or on an organization's network that allows companies to securely transfer huge sets of data and other large files.

    I am pretty sure you can drop the "securely" from that description.

    • by Anonymous Coward

      GoAnywhere, a system that can be hosted in the cloud or on an organization's network that allows companies to securely transfer huge sets of data and other large files.

      I am pretty sure you can drop the "securely" from that description.

      Details, details, details...

    • GoAnywhere! Including Russia!
  • Sure a lot of VPN gateways got exploited too, but security in depth and if you don't start with a VPN you're in the kiddy pool.

  • any open source alternative similar to this tool?
  • For as big as this is, being a zero-day in a somewhat popular enterprise tool that's normally exposed to the internet by design, it's been flying under the radar news-wise. I expect many more incidents to come to light soon. It's not solar winds big, but it's still going to be a doozie.
    • exposed to the internet by design

      I used to think Zero Trust was a good idea, but IT really has a knack for going complete coockoo for cocopuffs for convenience. Instead of using it to improve security, they use it as an excuse to do away with attack surface minimization. They simply don't recognize attack surface as a concept so they can access everything on a random browser ... it's the BYOD disaster on steroids.

      • Re:Under reported (Score:4, Informative)

        by Bert64 ( 520050 ) <.moc.eeznerif.todhsals. .ta. .treb.> on Wednesday March 22, 2023 @02:57PM (#63391641) Homepage

        It's a system for sharing files with external parties, how exactly would you propose to create such a system without exposing it to external parties?

        Of course you can do your due diligence with any file sharing system to minimise the risks:

        Keep it isolated away from your other infrastructure.
        Ensure that files are only stored temporarily until the recipient can download them, then securely erase them.
        Encrypt the files, with the key sent separately (eg zip them and send the recipient the password via sms).

  • by Anonymous Coward

    Privacy Badger shows 19 trackers on the goanywhere.com website. Obviously a very security-conscious company -- NOT.

  • Russia-linked Clop gang .. cyber BS more likely :|

"The following is not for the weak of heart or Fundamentalists." -- Dave Barry

Working...