Technology NewsTechnology NewsTechnology News
  • Computing
  • AI
  • Robotics
  • Cybersecurity
  • Electric Vehicle
  • Wearables
  • Gaming
  • Space
Reading: Microsoft Links GoAnywhere Flaw to Storm-1175 Ransomware Attacks
Share
Font ResizerAa
Technology NewsTechnology News
Font ResizerAa
Search
  • Computing
  • AI
  • Robotics
  • Cybersecurity
  • Electric Vehicle
  • Wearables
  • Gaming
  • Space
Follow US
  • Cookie Policy (EU)
  • Contact
  • About
© 2025 NEWSLINKER - Powered by LK SOFTWARE
Cybersecurity

Microsoft Links GoAnywhere Flaw to Storm-1175 Ransomware Attacks

Highlights

  • Storm-1175 exploited a GoAnywhere MFT flaw for multi-stage ransomware attacks.

  • Fortra has yet to acknowledge active exploitation despite mounting evidence.

  • Organizations across several sectors are urged to review their cyber defenses.

Samantha Reed
Last updated: 7 October, 2025 - 11:49 pm 11:49 pm
Samantha Reed 2 hours ago
Share
SHARE

News has emerged of a cyber threat targeting enterprises that use Fortra’s GoAnywhere MFT, as Microsoft Threat Intelligence confirmed that Storm-1175, a known cybercriminal group, leveraged a high-severity vulnerability to launch sophisticated attacks. Storm-1175 reportedly accessed organizations’ systems to install malicious tools and deploy Medusa ransomware, affecting multiple sectors. Recent findings sparked concerns over transparency from Fortra, with security professionals and organizations calling for more effective communications regarding exploited vulnerabilities. Corporate security teams now face renewed pressure to reassess their cyber defense strategies as technical and procedural gaps become evident.

Contents
How Did Storm-1175 Exploit GoAnywhere MFT?What Role Did Fortra and Other Security Firms Play?Which Organizations Are at Risk from These Attacks?

Microsoft’s recent disclosure builds on earlier industry reports about the GoAnywhere MFT vulnerability. Previously, security researchers shared indicators of compromise and discussed patterns of exploitation but there was often ambiguity surrounding the specific actors behind the activity. While earlier briefings laid out generic ransomware behaviors and potential impacts, the current analysis from Microsoft adds clarity by directly linking Storm-1175 to the timeline and technical details of the incident, which had been lacking from Fortra’s prior advisories and public statements.

How Did Storm-1175 Exploit GoAnywhere MFT?

Storm-1175 exploited the CVE-2025-10035 vulnerability in GoAnywhere MFT by gaining remote code execution capabilities. Using this access, the attackers installed remote monitoring tools, such as SimpleHelp and MeshAgent, and deployed web shells to move through targeted networks. According to Microsoft, these intrusions have involved data theft, with some incidents progressing to Medusa ransomware deployments.

“They used this access to install remote monitoring tools such as SimpleHelp and MeshAgent, drop web shells, to move laterally across networks using built-in Windows utilities,”

stated Sherrod DeGrippo, director of threat intelligence strategy at Microsoft.

What Role Did Fortra and Other Security Firms Play?

Fortra issued a security advisory about the flaw on September 18, after the vulnerability was already compromised. Despite the mounting evidence and confirmation from various cybersecurity firms, Fortra has not publicly acknowledged the ongoing exploitation. WatchTowr and other firms provided corroborating evidence, indicating attacker activity started at least a day prior to the official discovery. Federal authorities, including the Cybersecurity and Infrastructure Security Agency (CISA), have categorized the flaw as widely exploited.

“Organizations running GoAnywhere MFT have effectively been under silent assault since at least Sept. 11, with little clarity from Fortra,”

commented Ben Harris, founder and CEO at watchTowr.

Which Organizations Are at Risk from These Attacks?

Storm-1175’s campaigns appear to target a broad range of sectors. Microsoft noted victims in transportation, education, retail, insurance, and manufacturing. The attackers often use legitimate management tools blended with stealthy techniques to avoid detection and increase the chances of monetizing breaches through extortion. The full extent of the compromise remains unclear, as researchers have not disclosed the total number of affected organizations. Security authorities have drawn parallels to a similar GoAnywhere exploit from two years ago, which impacted more than 100 entities worldwide.

The handling of this situation highlights recurring problems in timely vulnerability communication and the importance of threat attribution for organizational risk management. Direct links to Storm-1175 provide incident response teams with actionable intelligence, which was missing in earlier reports on GoAnywhere vulnerabilities. Unlike generic advisories, this targeted analysis underscores the necessity for both promptly published technical details and vendor transparency in defending against advanced, financially-minded threat groups. Organizations using third-party file transfer solutions like GoAnywhere should prioritize regular patching, continuous monitoring for suspicious activity, and engaging with current threat intelligence sources for effective risk mitigation.

You can follow us on Youtube, Telegram, Facebook, Linkedin, Twitter ( X ), Mastodon and Bluesky

You Might Also Like

OpenAI Identifies Existing Hacking Tactics Adopting ChatGPT for Efficiency

Clop Hackers Target Oracle Zero-Day, Prompt Urgent Response

Okta and Zscaler Respond to Salesloft Drift Security Breach

Red Hat Reports Consulting Data Breach in GitLab System

Clop Demands Payment From Oracle Users via Targeted Emails

Share This Article
Facebook Twitter Copy Link Print
Samantha Reed
By Samantha Reed
Samantha Reed is a 40-year-old, New York-based technology and popular science editor with a degree in journalism. After beginning her career at various media outlets, her passion and area of expertise led her to a significant position at Newslinker. Specializing in tracking the latest developments in the world of technology and science, Samantha excels at presenting complex subjects in a clear and understandable manner to her readers. Through her work at Newslinker, she enlightens a knowledge-thirsty audience, highlighting the role of technology and science in our lives.
Previous Article OpenAI Identifies Existing Hacking Tactics Adopting ChatGPT for Efficiency
Next Article Cybertruck Owners Await Tesla Full Self-Driving v14.1

Stay Connected

6.2kLike
8kFollow
2.3kSubscribe
1.7kFollow

Latest News

Cybertruck Owners Await Tesla Full Self-Driving v14.1
Electric Vehicle
Tesla Introduces Lower Priced Model 3 and Model Y Variants
Electric Vehicle
eInfochips and InOrbit Join to Simplify Large-Scale Robot Fleet Management
Robotics
UNDP Drives Localized AI Solutions to Serve All Communities
AI Technology
Scientists Receive Physics Nobel for Experiments Shaping Quantum Technology
Gaming
NEWSLINKER – your premier source for the latest updates in ai, robotics, electric vehicle, gaming, and technology. We are dedicated to bringing you the most accurate, timely, and engaging content from across these dynamic industries. Join us on our journey of discovery and stay informed in this ever-evolving digital age.

ARTIFICAL INTELLIGENCE

  • Can Artificial Intelligence Achieve Consciousness?
  • What is Artificial Intelligence (AI)?
  • How does Artificial Intelligence Work?
  • Will AI Take Over the World?
  • What Is OpenAI?
  • What is Artifical General Intelligence?

ELECTRIC VEHICLE

  • What is Electric Vehicle in Simple Words?
  • How do Electric Cars Work?
  • What is the Advantage and Disadvantage of Electric Cars?
  • Is Electric Car the Future?

RESEARCH

  • Robotics Market Research & Report
  • Everything you need to know about IoT
  • What Is Wearable Technology?
  • What is FANUC Robotics?
  • What is Anthropic AI?
Technology NewsTechnology News
Follow US
About Us   -  Cookie Policy   -   Contact

© 2025 NEWSLINKER. Powered by LK SOFTWARE
Welcome Back!

Sign in to your account

Register Lost your password?