At least 10 hacking groups using Microsoft software flaw: Report
At least 10 hacking groups are using flaws in Microsoft Corp.’s mail server software to break in to targets around the globe, cybersecurity company ESET has warned.
On March 2, Microsoft said there were vulnerabilities in its Exchange Server mail and calendar software for corporate and government data centers. Tens of thousands of organizations have been compromised so far.
The recently discovered flaws enable hackers to conduct industrial-scale cyber espionage and steal emails virtually at will from vulnerable servers or move elsewhere in the network.
In a blog post on Wednesday, ESET said there were already signs of cybercriminal exploitation, noting a group, which specializes in stealing computer resources to mine cryptocurrency, is breaking in to previously susceptible Exchange servers to spread its malicious software.
Nine other espionage-focused groups, the company said, were abusing the flaws to break in to targeted networks, several of which have been tied to China. Beijing, however, denies any role.
Authorities in the United States and Europe have, in the meantime, issued warnings about the weaknesses found in the software as new victims are being made public daily.
Norway’s parliament, for instance, announced Wednesday that data had been “extracted” in a breach made possible because of the Microsoft flaws.
In Germany, the country’s cybersecurity watchdog agency also said on Wednesday two federal authorities had been targeted.
Microsoft has issued security patches, but due to the slow pace of many customers’ updates - which experts attribute in part to the complexity of Exchange’s architecture - the field remains at least partially open to hackers of all types.
The hack will probably mark one of the top cybersecurity events of the year since Exchange is still widely used around the world.
Last week, the US Cybersecurity and Infrastructure Security Agency (CISA) warned that the flaws could "enable an attacker to gain control of an entire enterprise network."
Meanwhile, the administration of US President Joe Biden is expected to form a task force comprised of multiple agencies — including the National Security Council, FBI, CISA and others — to resolve the issue.
"This has the potential to simultaneously affect organizations that are critical to everyday life in the US," a source familiar with the US government investigation into the attack told CNN.
US police arrest 108 pro-Palestine protesters at Columbia University
Mass rallies held in major US cities in support of Gaza
Yale students threaten hunger strike over university connection to Gaza war
Israeli airstrike kills at least 7 people in Rafah
VIDEO | Iranians hold nationwide demos in support of IRGC
Syria condemns US veto of Palestine UN membership resolution
Iraqi resistance forces hit Israeli Ovda air base
Hackers break into Israeli military’s computers, access trove of documents
Tulkarm Brigade commander killed by Israeli forces in raid on refugee camp
Zionist media desperately trying to turn Israeli defeat into victory: Iran
VIDEO | Press TV's news headlines
This makes it easy to access the Press TV website
