As described by the US government, five hacking groups are targeting Microsoft email servers. Out of these 5 groups, one is alleged to be from China. These illegal activists are attacking the Microsoft email server vulnerabilities which are termed as, "widespread domestic and international exploitation." Hundreds of thousands of people are getting affected by the attack globally.
Indeed, Microsoft has claimed that a chinese government-linked hacking group has targeted its “Exchange Server Software.” The chinese group is identified as “Hafnium.” Now, as reported by MIT Technology Review- the technology magazine, 4 other hacking groups are suspected of attacking the Microsoft email server flaws.
Not only the technology magazine, but a cyber security firm named Red Canary has also reported about the Microsoft vulnerability attacks.
Katie Nickels, the intelligence team lead at the cyber security firm mentioned in her report:
"There are at least five different clusters of activity that appear to be exploiting the vulnerabilities,"
"The challenge is that this is all so murky and there is so much overlap. What we've seen is that from when Microsoft published about Hafnium, it has expanded beyond just Hafnium. We've seen activity that looks different from tactics, techniques and procedures from what they reported on,"
As reported by KrebsOnSecurity, around 30000 US organizations are impacted due to the email vulnerability attack. The organizations include both private firms and government institutes. Moreover, it is alleged that it is Chinese-based hacking activists who used Microsoft Exchange Servers to target the network. Mainly, the groups have used four major vulnerabilities to enter the respective networks.
Microsoft informed that the vulnerabilities allow the hackers to access users’ email accounts, which can even permit them to install malware. The Microsoft Exchange Server is primarily used by the business customers.
On the incident, Microsoft ensured safety to their users and explained that they are closely in liaison with CISA, security companies and government agencies.
Besides, the company has released several updates and advised their users to immediately install them in their system.
Stay connected with ISOEH (Indian School of Ethical Hacking) to get updates on IT and cyber security news. We timely release imperative news articles which help the reader to stay safe from any cyber threat.
Keep following and do share the content in your circle. Let’s help each other to prevent cyber attacks.