She said a company Microsoft: A cyber espionage group linked to China is stealing email inboxes remotely using newly discovered flaws in Microsoft Exchange Server mail server software, an example of how commonly used software is exploited for online spying.
Microsoft explained at Post The hacking campaign used four previously undiscovered vulnerabilities in various versions of Microsoft Exchange Server mail server software and was the work of a group called HAFNIUM, which it described as a state-sponsored entity operating from China.
at Post Separately, cybersecurity firm Volexity said: in January it saw hackers use a vulnerability to steal the entire content of many users’ mailboxes remotely.
All they need to know are the details of the Microsoft Exchange Server mail server software and the account whose emails they want to steal, Volexity said.
Beijing routinely denies engaging in cyber espionage, despite allegations from the United States and others.
Before Microsoft’s announcement, increasingly aggressive hacker movements began to attract attention from across the cybersecurity community.
“I noticed a sudden spike in activity related to Microsoft Exchange Server software overnight, with about 10 customers in the company affected,” (Mike McLellan), director of intelligence at Secureworks for Dell, said before Microsoft’s announcement.
Microsoft’s ubiquitous suite of products has been under scrutiny since the breakthrough of SolarWinds, a software company that has served as a springboard for numerous breaches of government and private networks.
In other cases, hackers took advantage of the way customers created their Microsoft services to threaten targets or dive further into affected networks.
Hackers who stalked SolarWinds infiltrated Microsoft itself, accessing and downloading source code – including elements of the Microsoft Exchange Server mail server.
The hacking activity he saw seemed to focus on spreading malware and paving the way for a deeper intrusion rather than moving aggressively to the networks immediately, McClellan said.
Microsoft said the targets include infectious disease researchers, law firms, higher education institutions, defense contractors, think tanks and nongovernmental groups.