CloudClevr
Account Hub

MOVEit File Transfer Cyber Attack – What You Need to Know

Progress Software, the creators of MOVEit – the file transfer tool, have discovered a critical vulnerability in their tool. This vulnerability could lead to an attacker gaining unauthorized access to a businesses environment and gaining escalated privileges, allowing increased control over an organisation’s environment.

Not only is your business at risk if you use this software, but large companies have also already reported that information has been stolen. This relates to employees at eight of Zellis’s customers (Including the BBC, Boots and British Airways).

Progress have issued advice on mitigating this vulnerability and you can view it directly by clicking here!

Who’s behind it?

Microsoft and other security research firms have linked this attack to the notorious Cl0p ransomware gang. Cl0p operate as a Ransomware as a Service (RaaS) and is a Russian speaking threat actor. Their main motivation is financial gain and are not a state sponsored (funded by a government) group.

They gained infamy in the past three years due to their high-profile attacks such as exploiting a SolarWinds Serv-U vulnerability back in November 2021.

What to do if you use the MOVEit platform

If you use MOVEit the following steps are strongly recommended:

  1. Disable all HTTP and HTTPs traffic to your MOVEit transfer environment.
  2. Review, delete and reset.
    • Delete unauthorised files and user accounts.
    • Reset service account credentials.
  3. Apply the Patch – A patch has been released to mitigate this vulnerability.
  4. Verification – To confirm the files have been successfully deleted and no unauthorized accounts remain, follow all the actions within step 2 again. If you do find indicators of compromise, you should reset the service account credentials again.
  5. Re-enable all HTTP and HTTPs traffic to your MOVEit transfer environment.

Further Guidance and Information

NCSC guidance and information on this breach

Progress have also posted information around the vulnerability of the MOVEit software

Laptop showing Clevr360 dashboard
Try Clevr360 for Free

Clevr360 consolidates and enhances data from leading cloud vendors all in one place, giving you a single view of your entire technology estate and better control over your cloud IT solutions. 

Learn more
Subscribe

Stay Ahead in Cloud, Communications & IT! Subscribe for the Latest Insights, News, and Exclusive Updates from CloudClevr.

Free Cyber Security assessment

Let's get things started

Fill out the form below and we will be in touch for your free assessment.

To qualify for a free trial of Clevr360, please submit your enquiry using a valid work email address and ensure you are based in the UK. We reserve the right to review, delay, or decline any request at our discretion.

Request an AI Readiness Review -
Powered by Clevr360

Discover how AI-Ready your IT estate is and get clarity across Microsoft 365 and key IT systems so you can adopt AI safely, optimise spend, and boost productivity.

GET A QUOTE

Get a tailored quote for ClevrOffice

ClevrOffice gives you everything your team needs to work — securely, seamlessly, and without the usual IT drama.

DISCOVERY SESSION

Speak to our team

Fill out the form below and account manager will be in touch

BOOK A DEMO

Discover Clevr360

Fill out the form below and we will be in touch with the next steps.