Microsoft Warns Chinese Hackers Plundering Email Inboxes Using Flaws.

A China-linked cyberespionage group has been remotely plundering email inboxes using freshly discovered flaws in Microsoft mail server software, the company and outside researchers said on Tuesday - an example of how commonly used programs can be exploited to cast a wide net online.

In a blog post, Microsoft said the hacking campaign made use of four previously undetected vulnerabilities in different versions of the software and was the work of a group it dubs HAFNIUM, which it described as a state-sponsored entity operating out of China.

In a separate blog post, cybersecurity firm Volexity said that in January it had seen the hackers use one of the vulnerabilities to remotely steal "the full contents of several user mailboxes." All they needed to know were the details of the Exchange server and of the account whose emails they wanted to pillage, Volexity said.

The Chinese Embassy in Washington did not immediately return messages seeking comment. Beijing routinely denies carrying out cyberespionage despite a drumbeat of allegations from the United States and others.

Ahead of the Microsoft announcement, the hackers' increasingly aggressive moves began to attract attention from across the cybersecurity community.

Mike McLellan, director of intelligence for Dell Technologies Inc's Secureworks, said ahead of the Microsoft announcement that he had noticed a sudden spike in activity touching Exchange servers overnight on Sunday, with around 10 customers affected at his firm.

Microsoft's near-ubiquitous suite of products has been under scrutiny since the hack of SolarWinds, the Texas-based software firm that served as a springboard for several intrusions across government and the private sector. In other cases, hackers took advantage of the way customers had set up their Microsoft services to compromise their targets or dive further into affected networks.

Hackers who went after SolarWinds also breached Microsoft itself, accessing and downloading source code - including elements of Exchange, the company's email and calendaring product.

McLellan said that for now, the hacking activity he had seen appeared focused on seeding malicious software and setting the stage for a potentially deeper intrusion rather than aggressively moving into networks right away.

"We haven't seen any follow-on activity yet," he said. "We're going to find a lot of companies affected but a smaller number of companies actually exploited."

Microsoft said targets included infectious disease researchers, law firms, higher education institutions, defense contractors, policy think tanks, and non-governmental groups.

(Except for the headline, this story has not been edited by NDTV staff and is published from a syndicated feed.)
