A group of hackers allegedly linked to China “looted” “inboxes” of email accounts using vulnerabilities in Microsoft’s “mail server” software, the company and outside investigators reported on Tuesday.
In a related “blogpost” Microsoft states that this cyber espionage company used four vulnerabilities in different versions of the software and was the work of a group it calls “HAFNIUM”. According to the company, this group has government support and operates from China.
According to Reuters, in a separate “blogpost”, cybersecurity company “Volexity” reported that in January it had seen hackers use one of the vulnerabilities to intercept the “full contents of many user mailboxes”. All they needed were the details of the “Exchange server” and the account they wanted to “loot”, according to “Volexity”.
Wang Wenbin, a spokesman for the Chinese Foreign Ministry, said on Wednesday that China opposes all forms of cyberattacks and wishes:
“the relevant media and companies to adopt a professional and responsible attitude, and to base the characterisations of cyberattacks on evidence instead of unfounded speculation and accusations”.
As Reuters points out, before Microsoft’s announcement, hackers’ increasingly aggressive actions had begun to attract attention across the cybersecurity community.
Mike McLhelan, information director at Dell Technologies’ Secureworks, said that —ahead of Microsoft’s announcement— he had seen a sudden surge in activity around “Exchange servers” on Sunday night.
(Συνολικές Επισκέψεις: / Total Visits: 12)
(Σημερινές Επισκέψεις: / Today's Visits: 1)