Metacurity

Share this post

Investissement Québec Hit by Clop Gang as Reports of GoAnywhere Bug Exploits Grow

metacurity.substack.com

Investissement Québec Hit by Clop Gang as Reports of GoAnywhere Bug Exploits Grow

Clop chief suspect in Rio Tinto hack, Kimsuky uses Chrome extension to steal Gmails, Researchers warned about Pinduoduo weeks before Google banned it, FTC seeks cloud security info, much more

Cynthia Brumfield
Mar 23, 2023
∙ Paid
1
Share
Share this post

Investissement Québec Hit by Clop Gang as Reports of GoAnywhere Bug Exploits Grow

metacurity.substack.com

Metacurity is a reader-supported publication, and I need your help. Consider becoming a paid subscriber to receive new posts and support my work.

red and gray train rail
Photo by Lars Kienle on Unsplash

The number of victims affected by a mass-ransomware attack caused by a bug in Fortra’s GoAnywhere file transfer software continues to grow, with Canadian financing giant Investissement Québec confirming that the Clop ransomware gang recently stole some employee personal information.

Clop has disclosed less than half of the 130 organizations it claimed to have compromised via GoAnywhere. It isn’t clear if Fortra, which has not publicly commented on the incident, knows which customers are affected, and their spokespeople have refused to comment.

Details on the GoAnywhere flaw only came to light on February 2 after security reporter Brian Krebs first reported details of the bug, which Fortra had hidden behind a login screen on its website. Fortra released security fixes for GoAnywhere five days later, on February 7.…

Keep reading with a 7-day free trial

Subscribe to Metacurity to keep reading this post and get 7 days of free access to the full post archives.

Already a paid subscriber? Sign in
Previous
Next
© 2023 DCT Associates
Privacy ∙ Terms ∙ Collection notice
Start WritingGet the app
Substack is the home for great writing