Communications of the ACM

Home/News/FBI Launches Operation to Remove Backdoors from Hacked.../Full Text

ACM News

FBI Launches Operation to Remove Backdoors from Hacked Microsoft Exchange Servers

April 14, 2021
Comments

View as: Print Mobile App Share:

Artist's impression of ransomware. — The U.S. Justice Department said an FBI operation to "copy and remove" backdoors from hundreds of Microsoft Exchange email servers in the U.S was "successful."

Credit: Bryce Durbin/TechCrunch

A court in Houston has authorized an FBI operation to "copy and remove" backdoors from hundreds of Microsoft Exchange email servers in the U.S., months after hackers used four previously undiscovered vulnerabilities to attack thousands of networks.

The Justice Department announced the operation on Tuesday, which it described as "successful."

In March, Microsoft discovered a new China state-sponsored hacking group — Hafnium — targeting Exchange servers run from company networks. The four vulnerabilities when chained together allowed the hackers to break into a vulnerable Exchange server and steal its contents. Microsoft fixed the vulnerabilities but the patches did not close the backdoors from the servers that had already been breached. Within days, other hacking groups began hitting vulnerable servers with the same flaws to deploy ransomware.

From TechCrunch
View Full Article

No entries found

FBI Launches Operation to Remove Backdoors from Hacked Microsoft Exchange Servers

Housekeeping Humanoid System Can Cook, Clean

Innovation Is Overrated: A Provocation

Niklaus Wirth, or the Importance of Being Simple