San Francisco, March 9 : At least five different hacking groups, including one from China, are currently attacking vulnerabilities in Microsoft’s email servers — described by the US government as “widespread domestic and international exploitation” that may affect hundreds of thousands of victims globally.
While Microsoft has already revealed that a Chinese government-linked hacking group known as Hafnium is targeting its on-premises ‘Exchange Server’ software, the MIT Technology Review now reports that at least “four other distinct hacking groups are now attacking critical flaws in Microsoft’s email software”.
“There are at least five different clusters of activity that appear to be exploiting the vulnerabilities,” Katie Nickels, who leads an intelligence team at cybersecurity firm Red Canary that is investigating the cyber-attack, was quoted as saying in the report.
“The challenge is that this is all so murky and there is so much overlap. What we’ve seen is that from when Microsoft published about Hafnium, it has expanded beyond just Hafnium. We’ve seen activity that looks different from tactics, techniques and procedures from what they reported on,” Nickels warned.
Microsoft said that the company is “working closely with CISA (Cybersecurity and Infrastructure Security Agency), other government agencies, and security companies to ensure we are providing the best possible guidance and mitigation for our customers”.
White House press secretary Jen Psaki had said last week that they are concerned that “there is a large number of victims who are working with our partners to understand the scope of this”.
Related stories
Subscribe
- Never miss a story with notifications
- Gain full access to our premium content
- Browse free from up to 5 devices at once
Latest stories