FBI to remove backdoors from hacked Microsoft Exchange email servers

By Nikita Chaurasia  | Date: 2021-04-14

Following the recent cyber-attack in the US, a court in Houston has reportedly authorized a new FBI operation to copy and eliminate backdoors from a large number of Microsoft Exchange email servers across the country. During this hacking event, the hackers had reportedly used four previously unidentified vulnerabilities to attack thousands of networks.

For the record, in March, Microsoft had identified a new Chinese state-sponsored group of hackers, Hafnium, which targeted Exchange servers run from company networks. The four vulnerabilities, when linked together, enabled the attackers to enter an unprotected Exchange server and gain access to its contents.

Although the company fixed the vulnerabilities, the patches could not close the backdoors on servers that had already been breached. Within days of this event, other hacking groups also started hitting the undefended servers through the same flaws to deploy ransomware.

The Justice Department mentioned in its statement that the number of infected servers fell as patches were applied. However, hundreds of Exchange servers remained vulnerable because the backdoors are difficult to identify and eliminate.

Regarding the operation, the statement mentioned that it had eliminated the remaining web shells of one early hacking group, which could have been used to maintain and escalate continuous, unauthorized access to U.S. networks. It also added that the FBI had carried out the removal by issuing a command through the web shell to the server, a command designed to make the server delete only the web shell.

Speaking on the matter, the FBI has stated that it is attempting to notify, by email, the owners of the servers from which it removed the backdoors.

Meanwhile, Assistant Attorney General John C. Demers stated that the operation highlights the Department’s commitment to disrupting hacking activity using all of its legal tools, not just prosecutions.

This is apparently the first case in which the FBI has effectively cleaned up private networks following a cyberattack.

Source credits: https://techcrunch.com/2021/04/13/fbi-launches-operation-to-remotely-remove-microsoft-exchange-server-backdoors/
