Microsoft on target: 5 different hacking groups target the company’s email server, including a Chinese group
5 hacking groups have attacked the American tech company Microsoft’s email server. These groups also include a Chinese hacker. This information has been made in the ‘widespread domestic and international exploitation’ by the US government which can affect hundreds of victims around the world.
Microsoft has already told that China is targeting it with the help of Exchange Server software. In such a situation, the review report of MIT Technology has now said that at least four different hacking groups have attacked Microsoft’s email software.
Hackers took advantage of vulnerabilities
Katie Nickels, who led an intelligence team at the cyberspace firm Red Canary investigating the cyber attack, said in the report that there are at least 5 different clusters of activity that appear to exploit the vulnerabilities.
Microsoft said that CISA (Cyberspace and Infrastructure Security Agency) is working closely with other government agencies and security companies to ensure that we are providing the best service for our customers.
Large number of cyber attack victims
White House press secretary Jen Psaki said last week that there are a large number of victims who are working with our partners to understand the scope of this. She added that network owners also need to consider whether they have already been compromised and should take appropriate steps immediately.
According to an investigative report, at least 30,000 organizations in the US, including the government and commercial firms, have been tried to be hacked by hackers from China. They used Exchange Server software to enter Microsoft’s network.
Being targeted like this
The Microsoft Threat Intelligence Center (MSTIC) has discovered that Hafnium steals passwords before reaching an Exchange server. Second, it creates a web shell from which the server can be remotely controlled. Third, it uses remote access that runs on a US-based private server.
New security update released
The company has released a security update for Exchange Server to protect customers. These updates encourage all Exchange Server customers to implement them immediately. This is the eighth time in the last 12 months that Microsoft has publicly disclosed a group targeting civil society’s important institutions.