FBI to remove backdoors from hacked Microsoft Exchange email servers

By Nikita Chaurasia  | Date: 2021-04-14

FBI to remove backdoors from hacked Microsoft Exchange email servers

Following the recent cyber-attack in the US, a court in Houston has reportedly authorized a new FBI operation to copy and eliminate backdoors from large number of Microsoft Exchange email servers across the country. During this hacking event, the hackers had reportedly used four previously unidentified vulnerabilities for attacking thousands of networks.

For the record, in March, Microsoft had identified a new Chinese state-sponsored group of hackers, Hafnium, who targeted Exchange servers run from company networks. Four vulnerabilities when linked together, enabled the attackers to enter an unprotected Exchange server and gain access to its contents.

Although the company fixed the vulnerabilities, the patches could not close the backdoors from the servers that were breached already. Within days of this event, other hacking groups also started hitting the undefended servers with same faults for incorporating the ransomware.

The Justice Department mentioned in its statement that the number of infected servers reduced as patches were used. However, hundreds of Exchange servers remained vulnerable as the backdoors are difficult to identify and eliminate.

Regarding the operation, the statement mentioned that it had eliminated rest of the web shells of an early hacking group. This could have been used for maintaining and escalating continuous and unauthorized access to the U.S. networks. It also added that the FBI had carried out the removal by running a command through the web shell to the server, which was designed to let the server delete only the web shell.

Speaking on the matter, the FBI has stated that it is making attempts to inform owners through email of servers from which it removed the backdoors.

Meanwhile, John C. Demers, Assistant attorney general stated that the operation highlights the Department’s commitment towards disrupting the hacking activity using all the legal tools and not just prosecutions.

This is apparently the first case of FBI wherein it is cleaning up of the private networks effectively following a cyberattack.

Source credits: https://techcrunch.com/2021/04/13/fbi-launches-operation-to-remotely-remove-microsoft-exchange-server-backdoors/

About Author

Nikita Chaurasia     aeresearch.net

Nikita Chaurasia

An accomplished professional in the field of content development, playing with words comes naturally to Nikita Chaurasia. After completing her post-graduate MBA degree in Advertising and PR, Nikita worked across numerous content-driven verticals, undertaking diverse r...

Read More

More News By Nikita Chaurasia

Indian food delivery giant Swiggy to buy Dineout from Times Internet

Indian food delivery giant Swiggy to buy Dineout from Times Internet

By Nikita Chaurasia

Swiggy, an Indian food delivery giant, has recently announced an agreement with Times Internet to buy Dineout, a dining and restaurant technology platform. Swiggy will use the acquisition to enter the dining out (non-delivery) market, where it will c...

Grocery delivery platform Instacart files for U.S. stock market debut

Grocery delivery platform Instacart files for U.S. stock market debut

By Nikita Chaurasia

Instacart, a grocery delivery service, has announced that it has submitted a provisional registration statement with the Securities and Exchange Commission (SEC), clearing the way for the company to list its shares on the U.S. stock exchange. The ...

Tyson Foods improves annual sales outlook as meat prices surge in U.S.

Tyson Foods improves annual sales outlook as meat prices surge in U.S.

By Nikita Chaurasia

American food major Tyson Foods Inc. has reportedly improved its full-year sales outlook after witnessing better-than-expected earnings and revenue in the last quarter. The company raised its full-year sales to around USD 54 billion, above the averag...

EU likely to enforce new rules to regulate tech giants in spring 2023

EU likely to enforce new rules to regulate tech giants in spring 2023

By Nikita Chaurasia

The Executive Vice President of the European Commission Margrethe Vestager reportedly claimed that the union is likely to start enforcing the Digital Markets Act (DMA) in the spring of 2023. The antitrust legislation, which aims to limit the power of...

India teams up with Japan to develop affordable EV charging standard

India teams up with Japan to develop affordable EV charging standard

By Nikita Chaurasia

India and Japan are reportedly working on a joint initiative to develop a standard for electric vehicle charging in emerging markets. The duo will use Japan’s protocols to make easier-to-install and operate EV charging stations. The CHAdeMO ...