MOVEit transfer tool leveraged by hackers to steal user data: US security researchers
July 16, 2026
  • Read Ecopy
  • Circulation
  • Advertise
  • Careers
  • About Us
  • Contact Us
Android AppiPhone AppArattai
Organiser
  • ‌
  • Bharat
    • Assam
    • Bihar
    • Chhattisgarh
    • Jharkhand
    • Maharashtra
    • View All States
  • World
    • Asia
    • Europe
    • North America
    • South America
    • Africa
    • Australia
  • Editorial
  • International
  • Opinion
  • RSS @ 100
  • More
    • Op Sindoor
    • Analysis
    • Sports
    • Defence
    • Politics
    • Business
    • Economy
    • Culture
    • Special Report
    • Sci & Tech
    • Entertainment
    • G20
    • Azadi Ka Amrit Mahotsav
    • Vocal4Local
    • Web Stories
    • Education
    • Employment
    • Books
    • Interviews
    • Travel
    • Law
    • Health
    • Obituary
  • Subscribe
    • Subscribe Print Edition
    • Subscribe Ecopy
    • Read Ecopy
  • ‌
  • Bharat
    • Assam
    • Bihar
    • Chhattisgarh
    • Jharkhand
    • Maharashtra
    • View All States
  • World
    • Asia
    • Europe
    • North America
    • South America
    • Africa
    • Australia
  • Editorial
  • International
  • Opinion
  • RSS @ 100
  • More
    • Op Sindoor
    • Analysis
    • Sports
    • Defence
    • Politics
    • Business
    • Economy
    • Culture
    • Special Report
    • Sci & Tech
    • Entertainment
    • G20
    • Azadi Ka Amrit Mahotsav
    • Vocal4Local
    • Web Stories
    • Education
    • Employment
    • Books
    • Interviews
    • Travel
    • Law
    • Health
    • Obituary
  • Subscribe
    • Subscribe Print Edition
    • Subscribe Ecopy
    • Read Ecopy
Organiser
  • Home
  • Bharat
  • World
  • Operation Sindoor
  • Editorial
  • Analysis
  • Opinion
  • Culture
  • Defence
  • International Edition
  • RSS @ 100
  • Magazine
  • Read Ecopy
Home Sci & Tech

MOVEit transfer tool leveraged by hackers to steal user data: US security researchers

It needs to be clarified how many organisations utilise MOVEit software or how many of them may have been affected by potential breaches because of a security flaw.

WEBDESKWEBDESK
Jun 3, 2023, 10:30 pm IST
in Sci & Tech
Follow on Google News
(Photo Courtesy: The Economic Times)

(Photo Courtesy: The Economic Times)

FacebookTwitterWhatsAppTelegramEmail

On June 1, US security experts reported that hackers were stealing the data of several users from the systems of the well-known file transfer tool MOVEit Transfer. A day before, the developer of this software reported about a security flaw in it.

After revealing the flaw on May 31, software developer Progress Software Corp warned that it would enable unauthorised access to customers’ systems.

Ipswitch makes this file transfer software. It’s a Massachusetts-based company in Burlington, United States. It enables businesses to send files and data to clients and business partners.

It needs to be clarified how many organisations utilise this software or how many of them may have been affected by potential breaches. The Chief Information Officer of Progress, Ian Pitt, declined to divulge the specifics about the breach but noted that the company had released remedies after learning of the issue late on May 28.

Pitt did not respond to questions about who might have been trying to use the vulnerability to steal data, “We have no evidence of it being used to spread malware,” he said. Though he told Reuters that this breach had also impacted the software’s eponymous cloud-based service, “As of now we see no exploit of the cloud platform”.

He claimed that MOVEit Transfer was used by a comparatively “small” number of customers compared to the company’s other software products. He added, “We have forensics partners on board and we are working with them to make sure that we have an ever-evolving grasp of the situation.”

Rapid7, a cybersecurity company, and Mandiant Consulting, a company owned by Alphabet’s Google, claimed to have discovered numerous cases in which the flaw had been used to steal data. The chief technology officer of Mandiant Consulting, Charles Carmakal, said in a statement, “Mass exploitation and broad data theft have occurred over the past few days”.

According to Mandiant, such “zero-day”, or previously undiscovered vulnerabilities in the past in managed file transfer solutions have resulted in data theft, leaks, extortion, and victim-shaming. He added, “Although Mandiant does not yet know the motivation of the threat actor, organisations should prepare for potential extortion and publication of the stolen data”.

Rapid7 said it had noticed an uptick in cases of compromise linked to the flaw since it was disclosed. Users who are at risk can take the actions indicated by Progress Software to lessen the effects of the security vulnerability, such as disabling all HTTP traffic to your MOVEit Transfer environment, deleting unauthorised files and user accounts, resetting service account credentials and applying the patch to remove the flaw etc.

Also Read: Beware! Delete these 101 applications to protect your Android phones from dangerous malware

Hackers are notorious for using loopholes in software and devices to harm users or infect user devices using malware to steal their data. Recently, a new Trojan malware called SpinOk was discovered, and reportedly it affected as many as 101 applications on Google Play Store. Researchers at Dr Web, in collaboration with BleepingComputer, have identified this new spyware. Researchers have claimed that these malware attacks are in the form of advertisements and looks like third-party attack. The motive of the hackers is to target the personal data of individuals.

Just few days back Indian Computer Emergency Response Team or CERT-In released an advisory report stating that an Android malware named “Daam” infects mobile phones is spreading. This virus can access private information like call logs, contacts, history, and cameras. The advisory stated that the virus is capable of “bypassing anti-virus programs and deploying ransomware on the targeted devices”.

Also Read: Beware! Delete these 101 applications to protect your Android phones from dangerous malware
Topics: Ian Pittsecurity breachsecurity flawMandiantRapid7IpswitchmalwareMOVEitProgress
Share4TweetSendShareSend
✮ Subscribe Organiser YouTube Channel. ✮
✮ Join Organiser's WhatsApp channel for Nationalist views beyond the news. ✮
Previous News

Japanese PM Fumio Kishida “deeply saddened” over loss of lives in Odisha train tragedy

Next News

Study says memory killer cells can improve melanoma patients’ chances of survival

Related News

New Delhi, Apr 06 (ANI): Security personnel and Forensic team at Delhi Assembly premises after a car with a Uttar Pradesh registration number forcibly entered Gate No. 2, breaking the iron gate. The driver placed a bouquet there and left. The search for the vehicle is underway, in New Delhi on Monday. (ANI Video Grab)

Delhi Assembly Security Breach: Man places ‘bouquet’ at premises after forcibly entering complex; Accused arrested

Bharat is a testament to resilience, inclusiveness & cultural continuity

Bharat: A legacy of unity, resilience and cultural brilliance

Congress leader Rahul Gandhi (Right)

Z+ security protocol violated, CRPF raises alarm over foreign trips of Rahul Gandhi

Karnataka: Congress-run state rocked by scandal as Doctor smuggles phones to terrorists inside Parappana Agrahara Jail

Karachi Jail Breach

Massive Security Breach at Karachi Jail: 500-200 dangerous criminals are reportedly on the loose

PM Modi's cavalcade

Punjab: Ferozepur court issues arrest warrants against 25 accused in PM Modi’s 2022 security breach case  

Load More

Latest News

The deities' three chariots are ready for the sacred Shree Gundicha Yatra

Three Grand chariots ready at Singhadwara as Puri immerses in devotion ahead of Rath Yatra 2026

Shikshit Uttar Pradesh 2047: “Education is the basic requirement for development”, says Pilot Rakesh Tyagi

Semicon 2.0 to Urea Self-Reliance: Union Cabinet unveils Rs 2.19L crore projects to propel economic prosperity of India

Tamil Nadu: Madras HC cancels registration of Rs 100 crore Palani Murugan Temple land in private individuals’ names

Keralam: ‘Tipu’s Nemesis’, AI-powered cinematic tribute recreates Travancore’s historic resistance against Tipu Sultan

Madhya Pradesh Chief Minister Mohan Yadav speaks at the inauguration of the 'MP Tech Growth Conclave 3.0: GCC, Data Centre and Semiconductor' event, in Bhopal

From Agrarian State to Technology Powerhouse: MP Tech Growth Conclave 3.0 shapes Madhya Pradesh’s high-tech future

Telangana: Hindu auto driver threatened by police over Sanatana Dharma quotes in Hyderabad; VHP demands action

Bharatbodh reflects Bharat's timeless civilisational consciousness and cultural identity

Bharatbodh Explained: Understanding Bharat’s civilisational consciousness and cultural identity

The MHA has proposed recruitment rules for CEO and Additional CEO posts at I4C, inviting stakeholder feedback till August 14

MHA proposes recruitment rules for CEO, additional CEO posts at I4C; seeks stakeholder feedback till August 14

Odisha Govt signs MoU with Guru Padmasambhava Baudh Mahavihara to boost Buddhist Heritage and spiritual tourism

Load More
  • Privacy
  • Terms
  • Cookie Policy
  • Refund and Cancellation
  • Delivery and Shipping

© Bharat Prakashan (Delhi) Limited.
Tech-enabled by Ananthapuri Technologies

  • Home
  • Search Organiser
  • Bharat
    • Assam
    • Bihar
    • Chhattisgarh
    • Jharkhand
    • Maharashtra
    • View All States
  • World
    • Asia
    • Africa
    • North America
    • South America
    • Europe
    • Australia
  • Editorial
  • Operation Sindoor
  • Opinion
  • Analysis
  • Defence
  • Culture
  • Sports
  • Business
  • RSS @ 100
  • Entertainment
  • More ..
    • Sci & Tech
    • Vocal4Local
    • Special Report
    • Education
    • Employment
    • Books
    • Interviews
    • Travel
    • Health
    • Politics
    • Law
    • Economy
    • Obituary
  • Subscribe Magazine
  • Read Ecopy
  • Advertise
  • Circulation
  • Careers
  • About Us
  • Contact Us
  • Policies & Terms
    • Privacy Policy
    • Cookie Policy
    • Refund and Cancellation
    • Terms of Use

© Bharat Prakashan (Delhi) Limited.
Tech-enabled by Ananthapuri Technologies