BTC $65266.0064
ETH $3170.2759
BNB $579.9567
SOL $151.5810
stETH $3170.3792
XRP $0.5307
DOGE $0.1622
TON $6.2152
ADA $0.5047
AVAX $37.5087
wstETH $3690.1011
WBTC $65350.8728
DOT $7.1858
WETH $3168.2550
TRX $0.1112
BCH $512.3933
LINK $14.9136
MATIC $0.7262
ICP $15.2978
UNI $7.8248
LTC $85.1449
DAI $1.0008
RNDR $9.1190
CAKE $2.9399
IMX $2.1935
STX $2.8650
ETC $27.9082
FDUSD $0.9998
MNT $1.2003
NEAR $6.3271
FIL $6.6129
OKB $55.7832
HBAR $0.0909
TAO $475.1056
VET $0.0423
WIF $3.0785
ATOM $8.6865
MKR $3070.6157
KAS $0.1185
FET $2.4759
GRT $0.2860
INJ $29.1371
PEPE $0.0000
USDE $0.9998
XLM $0.1150
THETA $2.2569
XMR $121.6010
BTC $65266.0064
ETH $3170.2759
BNB $579.9567
SOL $151.5810
stETH $3170.3792
XRP $0.5307
DOGE $0.1622
TON $6.2152
ADA $0.5047
AVAX $37.5087
wstETH $3690.1011
WBTC $65350.8728
DOT $7.1858
WETH $3168.2550
TRX $0.1112
BCH $512.3933
LINK $14.9136
MATIC $0.7262
ICP $15.2978
UNI $7.8248
LTC $85.1449
DAI $1.0008
RNDR $9.1190
CAKE $2.9399
IMX $2.1935
STX $2.8650
ETC $27.9082
FDUSD $0.9998
MNT $1.2003
NEAR $6.3271
FIL $6.6129
OKB $55.7832
HBAR $0.0909
TAO $475.1056
VET $0.0423
WIF $3.0785
ATOM $8.6865
MKR $3070.6157
KAS $0.1185
FET $2.4759
GRT $0.2860
INJ $29.1371
PEPE $0.0000
USDE $0.9998
XLM $0.1150
THETA $2.2569
XMR $121.6010
  • Catalog
  • Blog
  • Tor Relay
  • Jabber
  • One-Time notes
  • Temp Email
  • What is TOR?
  • We are in tor
  • The Clop group stole the data of more than 130 companies in 10 days

    The Clop ransomware gang claimed to have stolen the data of more than 130 organizations worldwide using a zero-day vulnerability in the GoAnywhere MFT secure file transfer tool.

    Vulnerability CVE-2023-0669 allows a hacker to remotely execute code on unpatched GoAnywhere MFT instances when their administrative console is exposed to the Internet.

    According to the Clop group, they stole data within 10 days of hacking vulnerable servers. They also claimed to be able to roam their victims' networks and deploy ransomware payloads to encrypt systems, but refused to do so and only stole documents stored on compromised GoAnywhere MFT servers.

    The gang refused to provide evidence or share further information regarding their claims.

    Huntress Threat Intelligence manager Joe Slowik linked the GoAnywhere MFT attacks to TA505, a threat group known for deploying the Clop ransomware in the past, while investigating an attack that deployed the TrueBot malware loader.

    “Although the links are not reliable, analysis of Truebot activity and deployment mechanisms points to TA505. Reports from various organizations link Silence/Truebot activity to TA505 operations,” Slowik said.
    “Based on the observed activity and previous reports, we can conclude that the activity observed by Huntress was directed towards deploying ransomware with additional exploitation of the GoAnywhere MFT.”

    GoAnywhere MFT is a file transfer management product that provides automation and security for organizations. This web tool is used by dozens of large companies and educational institutions in the United States.

    Security expert Kevin Beaumont shared the results of a search on the Shodan platform, revealing over 1,000 vulnerable instances of administrative consoles that could be accessed from the Internet.

    Last week, Fortra informed its customers that the vulnerability exists and is actively exploited in hacker attacks. Fortra has provided indicators of compromise for potentially affected clients, including a specific stack trace that will show up in logs on compromised systems. After that, the company released an emergency update with a bug fix.

    Author DeepWeb
    Namecheap domain registrar systems hacked
    An unknown group is spying on telecommunications companies in the Middle East

    Comments 0

    Add comment