☰
Following the recent cyber-attack in the US, a court in Houston has reportedly authorized a new FBI operation to copy and eliminate backdoors from large number of Microsoft Exchange email servers across the country. During this hacking event, the hackers had reportedly used four previously unidentified vulnerabilities for attacking thousands of networks.
For the record, in March, Microsoft had identified a new Chinese state-sponsored group of hackers, Hafnium, who targeted Exchange servers run from company networks. Four vulnerabilities when linked together, enabled the attackers to enter an unprotected Exchange server and gain access to its contents.
Although the company fixed the vulnerabilities, the patches could not close the backdoors from the servers that were breached already. Within days of this event, other hacking groups also started hitting the undefended servers with same faults for incorporating the ransomware.
The Justice Department mentioned in its statement that the number of infected servers reduced as patches were used. However, hundreds of Exchange servers remained vulnerable as the backdoors are difficult to identify and eliminate.
Regarding the operation, the statement mentioned that it had eliminated rest of the web shells of an early hacking group. This could have been used for maintaining and escalating continuous and unauthorized access to the U.S. networks. It also added that the FBI had carried out the removal by running a command through the web shell to the server, which was designed to let the server delete only the web shell.
Speaking on the matter, the FBI has stated that it is making attempts to inform owners through email of servers from which it removed the backdoors.
Meanwhile, John C. Demers, Assistant attorney general stated that the operation highlights the Department’s commitment towards disrupting the hacking activity using all the legal tools and not just prosecutions.
This is apparently the first case of FBI wherein it is cleaning up of the private networks effectively following a cyberattack.
Source credits: https://techcrunch.com/2021/04/13/fbi-launches-operation-to-remotely-remove-microsoft-exchange-server-backdoors/
An accomplished professional in the field of content development, playing with words comes naturally to Nikita Chaurasia. After completing her post-graduate MBA degree in Advertising and PR, Nikita worked across numerous content-driven verticals, undertaking diverse r...
Pacific Island nations have reportedly pushed Japan to postpone the release of Fukushima nuclear power plant wastewater due to concerns that it may pollute fishing grounds. An appeal was made on Wednesday when Japan announced that treated sewage f...
Danone, the French bottled water and yogurt firm, is reportedly being sued in court by three environmental activists’ groups for failing to cut its plastic footprint significantly. According to the groups, the maker of Evian and Volvic miner...
Bosch, the German technology company, has reportedly expanded its security footprint in the ridesharing market with the launch of its latest security dashcams. At CES 2023, Las Vegas, the German tech firm unveiled a new integrated smart camera on ...
Australia's Prime Minister Anthony Albanese has reportedly denied rumors that Rio Tinto and its partners could receive a $450 million settlement for the Gladstone power station, which would bring the total compensation for the coal price limit to...
Businesses in the UK are still reportedly grappling after two years following the beginning of post-Brexit trading, as suggested by a new report. According to the British Chambers of Commerce (BCC), firms are still battling increased red tape and ...
© 2023 aeresearch.net. All Rights Reserved.