Microsoft says Chinese hackers targeted groups via server software

Microsoft says Chinese hackers targeted groups via server software

Via Reuters:

A China-linked cyber-espionage group has been remotely plundering email inboxes using freshly discovered flaws in Microsoft mail server software, the company and outside researchers said on Tuesday – an example of how commonly used programs can be exploited to cast a wide net online.

In a blog post, Microsoft said the hacking campaign made use of four previously undetected vulnerabilities in different versions of the software and was the work of a group it dubs HAFNIUM, which it described as a state-sponsored entity operating out of China.

In a separate blog post, cyber-security firm Volexity said that in January it had seen the hackers use one of the vulnerabilities to remotely steal “the full contents of several user mailboxes.” All they needed to know were the details of Exchange server and of the account they wanted to pillage, Volexity said.

China opposes all forms of cyber-attacks, Chinese foreign ministry spokesman Wang Wenbin said at a news briefing in Beijing on Wednesday.

“China wishes relevant media and companies take a professional and responsible attitude, and base characterizations of cyber-attacks on ample evidence, rather than groundless guesses and accusations,” he said.

Ahead of the Microsoft announcement, the hackers’ increasingly aggressive moves began to attract attention across the cybersecurity community.

Mike McLellan, director of intelligence for Dell Technologies Inc’s Secureworks, said ahead of the Microsoft announcement that he had noticed a sudden spike in activity touching Exchange servers overnight on Sunday, with around 10 customers affected at his firm.

Microsoft’s suite of products has been under scrutiny since the hack of SolarWinds, the Texas-based software firm that served as a springboard for several intrusions across government and the private sector. In other cases, hackers took advantage of the way customers had set up their Microsoft services to compromise their targets or dive further into affected networks.

Hackers who went after SolarWinds also breached Microsoft itself, accessing and downloading source code – including elements of Exchange, the company’s email and calendaring product.

McLellan said that for now, the hacking activity he had seen appeared focused on seeding malicious software and setting the stage for a potentially deeper intrusion rather than aggressively moving into networks right away.

“We haven’t seen any follow-on activity yet,” he said. “We’re going to find a lot of companies affected but a smaller number of companies actually exploited.”

Microsoft said targets included infectious disease researchers, law firms, higher education institutions, defense contractors, policy think tanks, and non-governmental groups.

Click here to make a donation.

Click here to subscribe to The CRUSADE Channel’s Founders Pass Member Service.  www.crusadechannel.com/go

What Is The Crusade Channel?

The CRUSADE Channel, The Last LIVE! Radio Station Standing begins our LIVE programming with our all original CRUSADE Channel News hosted by Janet Huxley. Coupled with Mike “The King Dude” Church entertaining you during your morning drive and Rick Barrett giving you the news of the day and the narrative that will follow during your lunch break!

We’ve interviewed over 200 guests, seen Brother Andre Marie notch his 200th broadcast of Reconquest; the The Mike Church Show over 1200 episodes; launched an original LIVE! News Service; written and produced 4 Feature Length original dramas including The Last Confession of Sherlock Holmes and set sail on the coolest radio product ever, the 5 Minute Mysteries series! We are the ONLY outlet to cover the Impeachment of President Trump from gavel to gavel!

Now that you have discovered The Crusade, get 30 days for FREE of our premium service just head to:

https://crusadechannel.com  OR download our FREE app: https://apps.appmachine.com/theveritasradionetworkappIti-

Did you know about Microsoft? If you are interested in supporting small business, be sure to check out the official store of the Crusade Channel, the Founders Tradin Post! Not to mention our amazing collection of DVD’s, Cigars, T-Shirts, bumper stickers and other unique selection of items selected by Mike Church!