Tens of Thousands of Microsoft Exchange Servers Infiltrated by Chinese Hackers
(Photo : Screenshot From Pxhere Official Website) Tens of Thousands of Microsoft Exchange Servers Infiltrated by Chinese Hackers

When the news hit some time earlier this week, Chinese hackers were actively targeting the Microsoft Exchange servers. The whole cybersecurity community started to warn that the whole zero-day vulnerabilities were being exploited and might have even allowed them to hit numerous organizations all around the world.

Chinese hackers compromised thousands of Microsoft Exchange servers

As of the moment, it is still becoming clear as to how many email servers have been compromised. The way it looks as of the moment is that a certain Chinese group known as Hafnium has been able to breach just as many victims that they could find all around the internet while leaving some backdoors in order for them to return later on.

Hafnium has also reportedly now exploited the popular zero-day vulnerabilities in the Microsoft Exchange servers' very own Outlook Web Access. This would then indiscriminately compromise no fewer than what would be around tens of thousands of email servers. This was according to certain sources that had knowledge regarding the investigation taking place into the hacking campaign.

Estimated hack at 30,000 servers

According to the story by WIRED, the intrusions were initially spotted by the popular Volexity security firm and that the activity started as early as January 6. There were reportedly some noticeable uptick starting some time last Friday then spiking up early this week. The hackers then appeared to have been able to respond to Microsoft's very own patch that was released on Tuesday by being able to ramp up and even automating their hacking campaign.

"China just owned the world-or at least everyone with Outlook Web Access," the researcher said. "When was the last time someone was so bold as to just hit everyone?" 

A certain security researcher who was involved in the whole investigation spoke to WIRED and noted that the condition of anonymity has now put the number of compromised Exchange servers at over 30,000 in the whole US alone, and there are reportedly hundreds of thousands worldwide, and all of them seem to be by the exact same group.

Read Also: Russian Hacker Site Maza Gets Hacked: Usernames, Email Ads, and Passwords Compromised

'Absolutely massive' hack

An independent cybersecurity journalist known as Brian Krebs initially reported 30,000 figures regarding the compromised accounts on Friday. He then cited sources who had just briefed national security officials. A former national security official that had knowledge of the investigation noted to WIRED that it was "absolutely massive" and that they were talking about thousands of servers all compromised per hour around the globe.

In a recent press conference that took place on Friday afternoon, the White House press secretary known as Jen Psaki warned just about anyone running the whole affected Exchange servers in order to implement Microsoft's very own patch for the different vulnerabilities immediately. Psaki then noted that they are concerned about the huge number of victims and are also reportedly working with their partners in order to understand the whole scope of what is happening. Psaki noted that this is actually a very rare instance of a White House press secretary commenting on the specific cybersecurity vulnerabilities.

Related Article: [UPDATE] SolarWinds Executive Blames Intern for Leaking Company Password 'solarwinds123:' The Password Used Since 2017

This article is owned by Tech Times

Written by Urian Buenconsejo

ⓒ 2024 TECHTIMES.com All rights reserved. Do not reproduce without permission.
Join the Discussion