Image Credits: DBenitostock / Getty Images
Security researchers are warning that hackers are actively exploiting another high-risk vulnerability in a popular file transfer technology to launch mass hacks.
The vulnerability, tracked as CVE-2024-50623, affects software made by Illinois-based enterprise software company Cleo, according to researchers at cybersecurity company Huntress.
The flaw was first disclosed by Cleo in a security advisory on October 30, which warned that exploitation could lead to remote code execution. It affects Cleo's LexiCom, VLTransfer, and Harmony tools, which are commonly used by enterprises to manage file transfers.
Cleo released a patch for the vulnerability in October, but in a blog on Monday Huntress warned that the patch does not mitigate the software flaw.
Huntress security researcher John Hammond said the company has observed threat actors "exploiting this software en masse" since December 3. He told TechCrunch in a statement on Tuesday that Huntress, which protects more than 1,700 Cleo LexiCom, VLTransfer, and Harmony servers, has discovered at least 24 businesses whose servers were compromised.
"Victim organizations so far have included various consumer product companies, logistics and shipping organizations, and food suppliers," wrote Hammond, adding that many other customers are at risk of being hacked.
Shodan, a search engine for publicly available devices and databases, lists hundreds of vulnerable Cleo servers, the majority of which are located in the U.S.
Cleo has more than 4,200 customers, including U.S. biotechnology company Illumina, sports footwear giant New Balance, and Dutch logistics firm Portable.
Huntress has not yet identified the threat actor behind these attacks and it's not known whether any data has been stolen from impacted Cleo customers. However, Hammond noted that the company has observed hackers performing "post-exploitation activity" after compromising vulnerable systems.
In an emailed statement given to TechCrunch, Jorge Rodriguez, SVP of product development at Cleo, said that a patch for the critical vulnerability is "under development." Huntress recommends that Cleo customers move any internet-exposed systems behind a firewall until a new patch is released.
Rodriguez declined to say how many customers had been impacted or whether it was aware of any data exfiltration.
Enterprise file transfer tools are a popular target among hackers and extortion groups. Last year, the Russia-linked Clop ransomware gang claimed thousands of victims by exploiting a zero-day vulnerability in Progress Software's MOVEit Transfer product. The same gang had previously taken credit for the mass exploitation of a vulnerability in Fortra's GoAnywhere managed file transfer software, which was used to target more than 130 organizations.
Updated with comment from Cleo.