Microsoft Allege Email Software Server Hack By Chinese Hackers: Reuters

Microsoft Corp's (NASDAQ: MSFT) email inboxes have been remotely compromised using novel flaws in the mail server software by a China-linked cyber-espionage group, Reuters reports. The alleged hacker named HAFNIUM is a state-sponsored entity functioning out of China. The hackers utilized four previously undetected weaknesses in different versions of the software.

  • The hackers allegedly exploited Microsoft's vulnerabilities to hack into the Exchange Server, enabling them to scramble email accounts and install malware for long-term access.
  • Microsoft urged its users to download software patches upon detecting several 0-day exploits being used to attack on-premises versions of Microsoft Exchange Server.
  • Cyber-security firm Volexity had reportedly observed hackers using one of the vulnerabilities to steal the contents of several user mailboxes in January remotely. The hackers just required the details of the Exchange server and the account they wanted to loot.
  • China denied the allegations and sought evidence for the cyberattacks.
  • Dell Technologies Inc's (NYSE: DELL) Secureworks director of intelligence, Mike McLellan, reportedly disclosed an abrupt spike in activity touching Exchange servers overnight on Sunday, affecting around ten customers ahead of the Microsoft hack.
  • Microsoft products were already under scrutiny since the hack of SolarWinds Corp (NYSE: SWI). Hackers exploited Microsoft services set up by customers. The SolarWinds hackers also breached Microsoft source code, including elements of Exchange, email, and calendaring product.
  • SolarWinds, Microsoft, FireEye Inc (NASDAQ: FEYE), and CrowdStrike Holdings Inc (NASDAQ: CRWD) officials recently testified to the Senate for the Russian cyberattacks. Microsoft pleaded with the cyberattack victims to disclose information towards a complete resolution.
  • The current hacking activity appeared to be focused on seeding malicious software and setting the foundation for a possibly deeper intrusion in the future instead of immediate damage, as per Dell. 
  • Further, the company did not observe any follow-on activity and intended to introspect victimized companies. The infectious disease researchers, law firms, higher education institutions, defense contractors, policy think tanks, and non-governmental groups appear to be the soft targets for the attacks, as per Dell.
  • Price action: MSFT shares are up 0.25% at $234.45 in the premarket session on the last check Wednesday.
Market News and Data brought to you by Benzinga APIs
Comments
Loading...
Posted In: NewsTechMediahackersReuters
Benzinga simplifies the market for smarter investing

Trade confidently with insights and alerts from analyst ratings, free reports and breaking news that affects the stocks you care about.

Join Now: Free!