FBI to remove backdoors from hacked Microsoft Exchange email servers

By Nikita Chaurasia  Date: 2021-04-14


Following the recent cyber-attack in the US, a court in Houston has reportedly authorized a new FBI operation to copy and remove backdoors from a large number of Microsoft Exchange email servers across the country. In that attack, the hackers had reportedly used four previously unidentified vulnerabilities to attack thousands of networks.

For the record, in March, Microsoft identified a new Chinese state-sponsored hacking group, Hafnium, that targeted Exchange servers run from company networks. The four vulnerabilities, when chained together, enabled the attackers to break into an unprotected Exchange server and gain access to its contents.

Although the company fixed the vulnerabilities, the patches did not remove the backdoors from servers that had already been breached. Within days, other hacking groups also began hitting undefended servers through the same flaws to deploy ransomware.

The Justice Department said in its statement that the number of infected servers fell as patches were applied. However, hundreds of Exchange servers remained vulnerable because the backdoors are difficult to identify and eliminate.

Regarding the operation, the statement said that it had removed the remaining web shells of one early hacking group, which could have been used to maintain and escalate continuous, unauthorized access to U.S. networks. It added that the FBI carried out the removal by issuing a command through the web shell to the server, designed to cause the server to delete only the web shell.

Speaking on the matter, the FBI has stated that it is attempting to notify, by email, the owners of the servers from which it removed the backdoors.

Meanwhile, John C. Demers, Assistant Attorney General, stated that the operation highlights the Department’s commitment to disrupting hacking activity using all of its legal tools, not just prosecutions.

This is apparently the first case in which the FBI has effectively cleaned up private networks following a cyberattack.

Source credits: https://techcrunch.com/2021/04/13/fbi-launches-operation-to-remotely-remove-microsoft-exchange-server-backdoors/
