In early 2025, a European broadcasting company suffered a breach. The attacker used spear-phishing to obtain credentials for a production manager who had access to a FileCatalyst server. Within 45 minutes, the attacker created a new transfer job for 1.8 TB of unreleased content, using the company’s own high-speed backbone. The transfer completed in 22 minutes. Traditional egress monitoring on port 443/SSH showed nothing unusual; only deep packet inspection of UDP streams revealed the non-standard FileCatalyst handshake.
Using automated tools to find unpatched servers exposed to the internet. filecatalyst cybercriminals
This is where FileCatalyst enters the criminal toolkit. Built on proprietary UDP (User Datagram Protocol) acceleration technology, FileCatalyst is designed to transfer files at line speed, regardless of network latency. It is immune to the packet loss issues that plague standard TCP transfers. In early 2025, a European broadcasting company suffered