Over 20,000 US organizations were compromised after an attack on Microsoft’s email software.
According to media reports, the hack has more impact than the SolarWinds Corp. download, which experienced a massive hack in December 2020. Quoting a person who was familiar with the US government’s response on Friday, Reuters said that after installing a back door, the organizations suffered exploitation of pre-existing bugs in the software.
In addition, the hack has affected thousands of organizations in Asia and Europe. Even then, the hacks continue to plague the company despite emergency patches. Initially, Microsoft claimed that the hacks consisted of “limited and targeted attacks” but did not comment on the severity of the problem.
It added, “Affected customers should contact our support teams for additional help and resources.” A scan of the connected devices showed that by Friday only 10 percent of the vulnerable had installed the patches.
Also read: SolarWinds Hack was the work of more than 1,000 engineers: Microsoft
On Tuesday, the company claimed the hacking group infiltrated email inboxes. Microsoft claimed in a blog post that hackers had exploited previously unknown security holes. Four security vulnerabilities have been reportedly found in Microsoft’s email software. The group that hacked the company is known as HAFNIUM, which Microsoft claims is linked to China.
In another post, Volexity – a cybersecurity company – claimed it had observed hackers using one of the four software vulnerabilities to steal “the entire contents of multiple user mailboxes.” The hackers only needed information about an Exchange server and information about the account they were trying to hack.
Also read: Microsoft planned to buy the social media company Pinterest: Report
Over the years, many countries, including the US, have accused China of monitoring cyber espionage activities, which Chinese authorities continue to deny. Even before Microsoft officially recognized the hack, the hacking activity had started to attract the attention of analysts in the cybersecurity community.
Mike McLellan, Director of Intelligence at Secureworks for Dell Technologies Inc., was quoted by Reuters as saying that there was an increase in activity on Exchange servers on Sunday. Even at this company, 10 customers were affected. According to McLellan, hacking activity with a focus on the seeding of malicious software had increased, which could also indicate potential interference with Microsoft’s networks.
According to Microsoft, the Chinese hackers’ targets included infectious disease researchers, educational institutions, defense companies, political think tanks and NGOs.
