Connor Jones reports:
Security experts have uncovered a hole in Cl0p’s data exfiltration tool that could potentially leave the cybercrime group vulnerable to attack.
The vulnerability in the Python-based software, which was used in the 2023-2024 MOVEit mass data raids, was discovered by Italian researcher Lorenzo N and published by the Computer Incident Response Center Luxembourg (CIRCL).
Classed as an improper input validation (CWE-20) bug, the flaw with an 8.9 severity score is underpinned by a lack of input sanitization, which results in the tool constructing OS commands by concatenating attacker-supplied strings.
Read more at The Register.