Microsoft flaw affects 30,000 American organizations

Microsoft has warned that hackers in the so-called

Tens of thousands of businesses, cities and local institutions in the United States have been attacked by a group of state-backed hackers, according to a cybersecurity specialist who on Friday (March 5) gave details of the hack of Microsoft’s email service.

“At least 30,000 organizations (…) have been hacked in recent days by an unusually aggressive Chinese cyber espionage unit, which focuses on email theft, according to multiple sources,” Brian Krebs wrote on his KrebsOnSecurity blog.

Microsoft warned on Tuesday that hackers in the group dubbed “Hafnium” exploited security holes in its Exchange messaging services to steal the data of its business users. This “highly qualified and sophisticated actor”, according to the computer giant, has in the past already targeted organizations in the United States, in particular infectious disease researchers, law firms, universities, defense companies, think tanks and NGOs.


“The spy group exploits four new flaws in Exchange software and has planted tools among hundreds of thousands of organizations around the world, which give attackers full remote control over infected systems,” Brian Krebs detailed.

“The threat is active,” said Jen Psaki, spokeswoman for the White House, during a press briefing on Friday. The attack “could have a very broad impact”, she added, before calling on the communities “who use these servers to act now to protect themselves”.

No connection to the SolarWinds hack

Microsoft chief Tom Burt on Tuesday said his company had released updates to fix the flaws, and urged customers to apply them. “We know that many state actors and criminal groups will act quickly to take advantage of any unpatched system,” he warned. “Applying patches quickly is the best protection against this attack.” According to Microsoft, Hafnium is based in China but operates through virtual private servers leased in the United States.

Beijing last year accused Washington of defamation over allegations that Chinese hackers were trying to steal research on the coronavirus.


In January, the American authorities designated Russia as the main suspect in the massive hack of the company SolarWinds, thus contradicting former president Donald Trump, who had accused China of being behind this intrusion into software used by the US government and thousands of private companies. Microsoft said on Tuesday that the Hafnium attacks “were in no way related to the separate attacks related to SolarWinds”.

The World with AFP
