Shell has confirmed that the Ciberatake Clop group subjected its Moveit file transmission tool to cyber attack. The company’s representative stated that the incident affected the Moveit Transfer service, which is used by only a small number of Shell’s customers.
Despite this, Shell has emphasized that there is no evidence of impact on its core IT systems. The company’s IT teams are already investigating the issue. Shell further stated that it is not negotiating with the hackers.
The Moveit Transfer product is widely used by organizations for safe file exchange with partners and clients. This cyber attack vulnerability is being actively exploited by the CLOP group, which specializes in stealing data from high-ranking government, financial, media, aviation, and medical organizations.
This vulnerability is related to the SQL-defense, which allows unauthorized access to the Moveit Transfer database and the execution of arbitrary code on the server.
The CLOP group recently claimed to be “one of the leading organizations offering pentest post-factual services”, and warned any companies using Moveit Transfer software that their data would be available to hackers. The extortionists demanded that representatives of affected organizations contact them by email before June 14th.
Otherwise, the hackers will automatically release the stolen data into the public domain. Shell had previously fallen victim to Clop’s attack back in 2021 when the group hacked the Accellion file exchange system. Consequently, the attackers accessed information related to large shareholders and subsidiaries.