☰
Following the recent cyber-attack in the US, a court in Houston has reportedly authorized a new FBI operation to copy and eliminate backdoors from large number of Microsoft Exchange email servers across the country. During this hacking event, the hackers had reportedly used four previously unidentified vulnerabilities for attacking thousands of networks.
For the record, in March, Microsoft had identified a new Chinese state-sponsored group of hackers, Hafnium, who targeted Exchange servers run from company networks. Four vulnerabilities when linked together, enabled the attackers to enter an unprotected Exchange server and gain access to its contents.
Although the company fixed the vulnerabilities, the patches could not close the backdoors from the servers that were breached already. Within days of this event, other hacking groups also started hitting the undefended servers with same faults for incorporating the ransomware.
The Justice Department mentioned in its statement that the number of infected servers reduced as patches were used. However, hundreds of Exchange servers remained vulnerable as the backdoors are difficult to identify and eliminate.
Regarding the operation, the statement mentioned that it had eliminated rest of the web shells of an early hacking group. This could have been used for maintaining and escalating continuous and unauthorized access to the U.S. networks. It also added that the FBI had carried out the removal by running a command through the web shell to the server, which was designed to let the server delete only the web shell.
Speaking on the matter, the FBI has stated that it is making attempts to inform owners through email of servers from which it removed the backdoors.
Meanwhile, John C. Demers, Assistant attorney general stated that the operation highlights the Department’s commitment towards disrupting the hacking activity using all the legal tools and not just prosecutions.
This is apparently the first case of FBI wherein it is cleaning up of the private networks effectively following a cyberattack.
Source credits: https://techcrunch.com/2021/04/13/fbi-launches-operation-to-remotely-remove-microsoft-exchange-server-backdoors/
An accomplished professional in the field of content development, playing with words comes naturally to Nikita Chaurasia. After completing her post-graduate MBA degree in Advertising and PR, Nikita worked across numerous content-driven verticals, undertaking diverse r...
Swiftly Systems has reportedly achieved unicorn status, securing in funding through a Series C round. The prominent BRV Capital Management led this funding initiative. According to the earlier reports, Swiftly was adopted by hundreds of consumer b...
As per the reports, twelve nations with rainforests united to establish a collective initiative aiming to address climate change and safeguard biodiversity at summit held in Brazil. The declaration, titled "United for Our Forests," emerged ...
Meta Platforms has recently introduced Llama 2, an artificial intelligence large language model, for commercial use in collaboration with major cloud providers like Microsoft. Instead of charging for access or usage, Meta aims to share the model with...
Moderna Inc, a leading vaccine manufacturer, reportedly announced on Wednesday that it has entered into a memorandum of understanding (MoU) and a land collaboration agreement aimed at exploring opportunities for researching, developing, and producing...
The American footwear design & manufacturing company, Nike and Epic Games, the creators of the popular online game Fortnite, have joined forces in an exciting new collaboration. The partnership aims to bring about a groundbreaking change in the d...
© 2024 aeresearch.net. All Rights Reserved.