Sign In

Communications of the ACM

ACM News

FBI Launches Operation to Remove Backdoors from Hacked Microsoft Exchange Servers


View as: Print Mobile App Share: Send by email Share on reddit Share on StumbleUpon Share on Hacker News Share on Tweeter Share on Facebook
Artist's impression of ransomware.

The U.S. Justice Department said an FBI operation to "copy and remove" backdoors from hundreds of Microsoft Exchange email servers in the U.S was "successful."

Credit: Bryce Durbin/TechCrunch

A court in Houston has authorized an FBI operation to "copy and remove" backdoors from hundreds of Microsoft Exchange email servers in the U.S., months after hackers used four previously undiscovered vulnerabilities to attack thousands of networks.

The Justice Department announced the operation on Tuesday, which it described as "successful."

In March, Microsoft discovered a new China state-sponsored hacking group — Hafnium — targeting Exchange servers run from company networks. The four vulnerabilities when chained together allowed the hackers to break into a vulnerable Exchange server and steal its contents. Microsoft fixed the vulnerabilities but the patches did not close the backdoors from the servers that had already been breached. Within days, other hacking groups began hitting vulnerable servers with the same flaws to deploy ransomware.

From TechCrunch
View Full Article

 


 

No entries found