A zero-day flaw in Fortra’s GoAnywhere MFT gets exploited

February 13, 2023

Security researchers discovered ongoing exploitation of a zero-day flaw that affected the managed file-transfer solution, GoAnywhere MFT, owned by Fortra. This issue is critical as numerous companies, local government entities, and educational institutions use the data transfer platform in daily operations.

Threat actors commonly target data transfer tools such as GoAnywhere MFT, Accellion, and FileZen because these tools typically hold highly sensitive information that is valuable for cyberattacks.

Fortra released a private advisory in its customer portal stating that the flaw is a remote code injection vulnerability that threat actors cannot easily abuse unless they have access to the administrative console. In response, the company temporarily took the service offline while investigation and mitigation were underway.


The company advised customers to work with its support team to configure appropriate GoAnywhere MFT access controls and restrict access to trusted sources.


Over a thousand exposed GoAnywhere MFT instances have been found across the internet. Fortunately, that number has kept decreasing, although experts still warn users to stay alert for attacks that may leverage the vulnerability.

Despite these concerns, the company has yet to say when a security patch will be released. Other cybersecurity teams have also confirmed that Fortra has not mentioned any plans for a patch, unless the company makes an announcement soon.

While GoAnywhere MFT users are still left waiting for a fix, they are advised to review all admin users in the application and watch closely for unfamiliar usernames, especially those that appear to be system-generated.

Threat actors could create new admin or other malicious accounts to take control of affected systems or maintain persistence on them. They could also gain access to vulnerable systems through reused, weak, or default credentials that have not been changed in some time.

Users should also look for suspiciously created accounts by checking each account's creation date and time stamp.
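The review described above (unfamiliar admin accounts, system-generated-looking names, recent creation timestamps) can be turned into a repeatable audit. The following is an added example, not Fortra's tooling; the CSV column layout, the baseline list, the name heuristic and the review cutoff date are all assumptions constructed for illustration.

```python
"""Audit a constructed export of GoAnywhere MFT admin accounts for the
signs defenders are told to look for: admins missing from a known-good
baseline, names that look machine-generated, and accounts created after
a chosen review cutoff. The CSV layout is assumed, not Fortra's format."""
from __future__ import annotations
import csv
import io
import re
from datetime import datetime, timezone

# Constructed sample export (hypothetical column names and values).
SAMPLE_EXPORT = """username,role,created
admin,Administrator,2021-03-02T09:15:00Z
backup_ops,Administrator,2022-06-18T14:02:00Z
sysadmin1,Administrator,2023-01-31T03:41:27Z
svc_7f3a9c,Administrator,2023-02-01T02:12:55Z
"""

# Admin accounts the organisation has documented as legitimate (constructed).
BASELINE = {"admin", "backup_ops"}

# Accounts created on or after this date get a second look (constructed cutoff).
REVIEW_CUTOFF = datetime(2023, 1, 18, tzinfo=timezone.utc)

# Heuristic: short alphabetic prefix followed by a run of hex digits.
SYSTEM_GENERATED = re.compile(r"^[a-z]{2,6}[_-]?[0-9a-f]{6,}$", re.IGNORECASE)


def audit_admins(export_csv: str, baseline: set[str], cutoff: datetime) -> list[dict]:
    """Return one finding per Administrator account that deserves review."""
    findings = []
    for row in csv.DictReader(io.StringIO(export_csv)):
        if row["role"].strip().lower() != "administrator":
            continue  # only admin accounts are in scope for this check
        reasons = []
        if row["username"] not in baseline:
            reasons.append("not in baseline")
        if SYSTEM_GENERATED.match(row["username"]):
            reasons.append("looks system-generated")
        created = datetime.fromisoformat(row["created"].replace("Z", "+00:00"))
        if created >= cutoff:
            reasons.append("created after review cutoff")
        if reasons:
            findings.append({"username": row["username"],
                             "created": row["created"], "reasons": reasons})
    return findings


if __name__ == "__main__":
    for finding in audit_admins(SAMPLE_EXPORT, BASELINE, REVIEW_CUTOFF):
        print(finding)
```

Replace the constructed export with a real account listing from the application and keep the baseline in version control so the audit can be re-run after any suspected compromise.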
