USA– On Tuesday, March 3, Microsoft claimed and detected a group of Chinese hackers, has a campaign of cyber-attack against Microsoft Exchange- the professional email software. They go after NGOs, law firms, and researchers to steal information from them. Moreover, the Redmond firm delivered a correction but refuses to say how many victims made this incident.
Microsoft, one of the leading computer giants, said that the hackers belong to a group called «Hafnium», which would have the support and related to the Chinese state. Tom Burt, Microsoft’s vice president in charge of security, also added “he is a highly qualified player with sophisticated techniques,” while explaining the issue on his blog. To justify its claims, it cites the profile or story of the victims, the tactics and methods employed.
Shortly afterward it came out that the hacker group would have used as a gateway 4 vulnerabilities in various versions of Microsoft Exchange software. But it has not yet been found nor documented. The reason for the event could be these security breaches or passwords stolen to access or that allowed hackers to follow users’ mailboxes.
The assumptions are: It would create what is known as a Web shell to remotely monitor the refereed server. Second, it could get remote access from US-based private servers, to perform network data theft- said Burt in a statement on Tuesday.
Later, the company released high-security updates to its customer base to protect them and help them save their information. It has also encouraged all Exchange Server users to apply these updates as soon as possible to other procedures.
Microsoft Exchange Server is a platform specifically for professional customers. So far, there is no proof that Hafnium’s actions targeted individual perspectives or exploits the impact of other Microsoft units or products, informed by Burt.
According to media reports, it is the eighth time since last year that Microsoft has publicly presented groups of nation-states targeting institutions that are vital to society. Earlier, one activity targeted health care organizations fighting the COVID-19 pandemic. In addition, interference has been observed in political campaigns, high-level campaigns, etc., Burt said.
Finally, Microsoft believes that cyber-attacks can target infectious disease researchers, NGOs, law firms, defense entrepreneurs, and much more.
Note: This news is based on millions of articles over the internet, Global Business Line does not take any responsibility for the facts and information mentioned in this news article.