FBI to remove backdoors from hacked Microsoft Exchange email servers

By Nikita Chaurasia  Date: 2021-04-14

FBI to remove backdoors from hacked Microsoft Exchange email servers

Following the recent cyber-attack in the US, a court in Houston has reportedly authorized a new FBI operation to copy and eliminate backdoors from large number of Microsoft Exchange email servers across the country. During this hacking event, the hackers had reportedly used four previously unidentified vulnerabilities for attacking thousands of networks.

For the record, in March, Microsoft had identified a new Chinese state-sponsored group of hackers, Hafnium, who targeted Exchange servers run from company networks. Four vulnerabilities when linked together, enabled the attackers to enter an unprotected Exchange server and gain access to its contents.

Although the company fixed the vulnerabilities, the patches could not close the backdoors from the servers that were breached already. Within days of this event, other hacking groups also started hitting the undefended servers with same faults for incorporating the ransomware.

The Justice Department mentioned in its statement that the number of infected servers reduced as patches were used. However, hundreds of Exchange servers remained vulnerable as the backdoors are difficult to identify and eliminate.

Regarding the operation, the statement mentioned that it had eliminated rest of the web shells of an early hacking group. This could have been used for maintaining and escalating continuous and unauthorized access to the U.S. networks. It also added that the FBI had carried out the removal by running a command through the web shell to the server, which was designed to let the server delete only the web shell.

Speaking on the matter, the FBI has stated that it is making attempts to inform owners through email of servers from which it removed the backdoors.

Meanwhile, John C. Demers, Assistant attorney general stated that the operation highlights the Department’s commitment towards disrupting the hacking activity using all the legal tools and not just prosecutions.

This is apparently the first case of FBI wherein it is cleaning up of the private networks effectively following a cyberattack.

Source credits: https://techcrunch.com/2021/04/13/fbi-launches-operation-to-remotely-remove-microsoft-exchange-server-backdoors/

About Author

Nikita Chaurasia     aeresearch.net

Nikita Chaurasia

An accomplished professional in the field of content development, playing with words comes naturally to Nikita Chaurasia. After completing her post-graduate MBA degree in Advertising and PR, Nikita worked across numerous content-driven verticals, undertaking diverse r...

Read More

More News By Nikita Chaurasia

CDC updates guidelines, calls for vaccinated people to mask up

CDC updates guidelines, calls for vaccinated people to mask up

By Nikita Chaurasia

The Centers for Disease Control and Prevention issued new guidelines suggesting that people who are vaccinated against Covid-19 wear masks in public as well as indoor areas where the rate of the disease is high. The CDC also stated that teachers, sta...

iPhone’s hot streak could be hampered by global chip shortage crisis

iPhone’s hot streak could be hampered by global chip shortage crisis

By Nikita Chaurasia

Apple Inc. recently stated that the global chip shortage that has affected the sales of Macs and iPads, will now hit iPhone production and the expected revenue growth is likely to decelerate. This has resulted in lowering Apple’s shares. The c...

EV maker Rivian bags USD 2.5 Bn in a funding round led by Amazon, Ford

EV maker Rivian bags USD 2.5 Bn in a funding round led by Amazon, Ford

By Nikita Chaurasia

American electric vehicle maker Rivian Automotive LLC reportedly secured USD 2.5 billion in a funding round led by Amazon.com Inc, T. Rowe Price, D1 Capital Partners, and Ford Motor Co. In addition, the event also saw participation from Fidelity Man...

ICEA forms committee chaired by HP India MD to boost IT hardware sector

ICEA forms committee chaired by HP India MD to boost IT hardware sector

By Nikita Chaurasia

The India Cellular & Electronics Association (ICEA) recently announced the formation of a committee to promote manufacturing and exports of the IT hardware sector. The panel headed by Ketan Patel, HP India’s Managing Director, will set up a...

Amazon to stop on-site COVID-19 testing in U.S. warehouses this month

Amazon to stop on-site COVID-19 testing in U.S. warehouses this month

By Nikita Chaurasia

Amazon is reportedly planning to discontinue on-site Coronavirus testing for its warehouse employees in the United States. The retail giant confirmed slowing down the testing by 30th July and will only resume after receiving new guidelines change fro...