(IANS): In another major cyber attack since Solarwinds, Chinese hackers have targeted at least 30,000 organizations across the United States. These organizations also include government and commercial companies. Hackers used Microsoft Exchange Server software to hack into the networks of these companies. According to KrebsonSecurity, the China-based spy group took advantage of four vulnerabilities in Microsoft Exchange Server email software.
Because of these vulnerabilities, hackers gained access to the email accounts of those companies and succeeded in installing malware. Although Microsoft did mention China-based hackers, it did not disclose the scale at which thousands of organizations were targeted.
The Chinese hacking group has taken control of thousands of Microsoft Exchange servers around the world, two cyber security experts who briefed US national security advisers on the cyber attack told KrebsonSecurity.
Exchange servers are mainly used by business customers.
Microsoft has released several security updates to fix the vulnerabilities. It has also advised its customers to install these immediately.
Earlier this week, Microsoft warned its customers of a new Chinese-origin cyber attack targeting Microsoft’s on-premises ‘Exchange Server’ software.
It is named ‘Hafnium’. It operates from China and is attacking infectious disease researchers, law firms, higher education institutions, defense contractors, policy think tanks and NGOs in the United States for the purpose of obtaining classified information.
Hafnium is based in China, said Tom Burt, corporate vice president of Customer Security and Trust at Microsoft. It operates primarily from leased virtual private servers (VPS) in the United States.
This is the eighth time in the last 12 months that Microsoft has publicly disclosed nation-state groups targeting institutions critical to civil society.
The White House said nine federal agencies and about 100 private sector companies were targeted as a result of Solarwinds hacking.