Technology NewsTechnology NewsTechnology News
  • Computing
  • AI
  • Robotics
  • Cybersecurity
  • Electric Vehicle
  • Wearables
  • Gaming
  • Space
Reading: Microsoft Links GoAnywhere Flaw to Storm-1175 Ransomware Attacks
Share
Font ResizerAa
Technology NewsTechnology News
Font ResizerAa
Search
  • Computing
  • AI
  • Robotics
  • Cybersecurity
  • Electric Vehicle
  • Wearables
  • Gaming
  • Space
Follow US
  • Cookie Policy (EU)
  • Contact
  • About
© 2025 NEWSLINKER - Powered by LK SOFTWARE
Cybersecurity

Microsoft Links GoAnywhere Flaw to Storm-1175 Ransomware Attacks

Highlights

  • Storm-1175 exploited a GoAnywhere MFT flaw for multi-stage ransomware attacks.

  • Fortra has yet to acknowledge active exploitation despite mounting evidence.

  • Organizations across several sectors are urged to review their cyber defenses.

Samantha Reed
Last updated: 7 October, 2025 - 11:49 pm 11:49 pm
Samantha Reed 3 weeks ago
Share
SHARE

News has emerged of a cyber threat targeting enterprises that use Fortra’s GoAnywhere MFT, as Microsoft Threat Intelligence confirmed that Storm-1175, a known cybercriminal group, leveraged a high-severity vulnerability to launch sophisticated attacks. Storm-1175 reportedly accessed organizations’ systems to install malicious tools and deploy Medusa ransomware, affecting multiple sectors. Recent findings sparked concerns over transparency from Fortra, with security professionals and organizations calling for more effective communications regarding exploited vulnerabilities. Corporate security teams now face renewed pressure to reassess their cyber defense strategies as technical and procedural gaps become evident.

Contents
How Did Storm-1175 Exploit GoAnywhere MFT?What Role Did Fortra and Other Security Firms Play?Which Organizations Are at Risk from These Attacks?

Microsoft’s recent disclosure builds on earlier industry reports about the GoAnywhere MFT vulnerability. Previously, security researchers shared indicators of compromise and discussed patterns of exploitation but there was often ambiguity surrounding the specific actors behind the activity. While earlier briefings laid out generic ransomware behaviors and potential impacts, the current analysis from Microsoft adds clarity by directly linking Storm-1175 to the timeline and technical details of the incident, which had been lacking from Fortra’s prior advisories and public statements.

How Did Storm-1175 Exploit GoAnywhere MFT?

Storm-1175 exploited the CVE-2025-10035 vulnerability in GoAnywhere MFT by gaining remote code execution capabilities. Using this access, the attackers installed remote monitoring tools, such as SimpleHelp and MeshAgent, and deployed web shells to move through targeted networks. According to Microsoft, these intrusions have involved data theft, with some incidents progressing to Medusa ransomware deployments.

“They used this access to install remote monitoring tools such as SimpleHelp and MeshAgent, drop web shells, to move laterally across networks using built-in Windows utilities,”

stated Sherrod DeGrippo, director of threat intelligence strategy at Microsoft.

What Role Did Fortra and Other Security Firms Play?

Fortra issued a security advisory about the flaw on September 18, after the vulnerability was already compromised. Despite the mounting evidence and confirmation from various cybersecurity firms, Fortra has not publicly acknowledged the ongoing exploitation. WatchTowr and other firms provided corroborating evidence, indicating attacker activity started at least a day prior to the official discovery. Federal authorities, including the Cybersecurity and Infrastructure Security Agency (CISA), have categorized the flaw as widely exploited.

“Organizations running GoAnywhere MFT have effectively been under silent assault since at least Sept. 11, with little clarity from Fortra,”

commented Ben Harris, founder and CEO at watchTowr.

Which Organizations Are at Risk from These Attacks?

Storm-1175’s campaigns appear to target a broad range of sectors. Microsoft noted victims in transportation, education, retail, insurance, and manufacturing. The attackers often use legitimate management tools blended with stealthy techniques to avoid detection and increase the chances of monetizing breaches through extortion. The full extent of the compromise remains unclear, as researchers have not disclosed the total number of affected organizations. Security authorities have drawn parallels to a similar GoAnywhere exploit from two years ago, which impacted more than 100 entities worldwide.

The handling of this situation highlights recurring problems in timely vulnerability communication and the importance of threat attribution for organizational risk management. Direct links to Storm-1175 provide incident response teams with actionable intelligence, which was missing in earlier reports on GoAnywhere vulnerabilities. Unlike generic advisories, this targeted analysis underscores the necessity for both promptly published technical details and vendor transparency in defending against advanced, financially-minded threat groups. Organizations using third-party file transfer solutions like GoAnywhere should prioritize regular patching, continuous monitoring for suspicious activity, and engaging with current threat intelligence sources for effective risk mitigation.

You can follow us on Youtube, Telegram, Facebook, Linkedin, Twitter ( X ), Mastodon and Bluesky

You Might Also Like

F5 Addresses Prolonged Breach, Guides Customers Through Security Response

AI Browser Agents Face Threats as Researchers Expose Manipulation Risks

Attackers Exploit Flaw in Deprecated Windows Server Update Services

Cyber Attackers Target Overlooked Network Devices as Defenses Strengthen

North Korean Lazarus Group Targets European Drone Firms

Share This Article
Facebook Twitter Copy Link Print
Samantha Reed
By Samantha Reed
Samantha Reed is a 40-year-old, New York-based technology and popular science editor with a degree in journalism. After beginning her career at various media outlets, her passion and area of expertise led her to a significant position at Newslinker. Specializing in tracking the latest developments in the world of technology and science, Samantha excels at presenting complex subjects in a clear and understandable manner to her readers. Through her work at Newslinker, she enlightens a knowledge-thirsty audience, highlighting the role of technology and science in our lives.
Previous Article OpenAI Identifies Existing Hacking Tactics Adopting ChatGPT for Efficiency
Next Article Cybertruck Owners Await Tesla Full Self-Driving v14.1

Stay Connected

6.2kLike
8kFollow
2.3kSubscribe
1.7kFollow

Latest News

Wordle Players Solve October 29 Puzzle Using Strategic Clues
Gaming
Hololive Vtubers Begin Regular Twitch Streams After Partnership Deal
Gaming
Philips Lowers Outdoor Light Price Before Black Friday Sales Surge
Wearables
Microsoft Pushes for High Gaming Profits as Strategy Shifts
Gaming
Advantech Targets Robotics and Medical AI With Jetson Thor Edge Systems
AI Robotics
NEWSLINKER – your premier source for the latest updates in ai, robotics, electric vehicle, gaming, and technology. We are dedicated to bringing you the most accurate, timely, and engaging content from across these dynamic industries. Join us on our journey of discovery and stay informed in this ever-evolving digital age.

ARTIFICAL INTELLIGENCE

  • Can Artificial Intelligence Achieve Consciousness?
  • What is Artificial Intelligence (AI)?
  • How does Artificial Intelligence Work?
  • Will AI Take Over the World?
  • What Is OpenAI?
  • What is Artifical General Intelligence?

ELECTRIC VEHICLE

  • What is Electric Vehicle in Simple Words?
  • How do Electric Cars Work?
  • What is the Advantage and Disadvantage of Electric Cars?
  • Is Electric Car the Future?

RESEARCH

  • Robotics Market Research & Report
  • Everything you need to know about IoT
  • What Is Wearable Technology?
  • What is FANUC Robotics?
  • What is Anthropic AI?
Technology NewsTechnology News
Follow US
About Us   -  Cookie Policy   -   Contact

© 2025 NEWSLINKER. Powered by LK SOFTWARE
Welcome Back!

Sign in to your account

Register Lost your password?