The Malaysia Computer Emergency Response Team (MyCert) has issued an advisory on the MOVEit Transfer security flaw, which is being exploited by a ransomware gang to breach a number of companies around the world.
MyCert said in its advisory that threat actors could exploit the vulnerability to take over an affected system, adding that all MOVEIt Transfer versions are susceptible.
“MyCERT urges users and organisations to review the MOVEit Transfer Advisory (released by developer Progress), follow the mitigation steps, apply the necessary updates, and hunt for any malicious activity,” it said in the advisory released on June 15.
Among the recommendations listed in the advisory by Progress are to disable traffic into the MOVEit Transfer environment or system, delete unauthorised files/users accounts, and apply updated security patches.
MOVEit is a file transfer software generally used by corporations to share large files over the Internet.
In Malaysia, insurance companies Prudential Assurance Malaysia and Prudential BSN Takaful confirmed that they have been affected by a MOVEit cybersecurity incident.
The June 14 statement stated a likelihood that “personal agent and customer data” such as name, contact number and partial credit card information is affected due the incident. Investigations are ongoing.
According to TechCrunch, ransomware gang Clop has claimed responsibility for hacking a number of organisations around the world using the MOVEit vulnerability. They posted a victim list on the dark web naming companies like US-based bank 1st Source and UK-based Shell.
Other companies such as BBC and British Airways have also disclosed that their organisations were affected by the MOVEit vulnerability.
In a statement originally released on May 31, Progress reported that a vulnerability discovered in MOVEit Transfer and MOVEiT Cloud “could lead to escalated privileges and potential unauthorised access to the environment”.
Progress said it has alerted customers and released a security patch.