FBI to remove backdoors from hacked Microsoft Exchange email servers

By Nikita Chaurasia  Date: 2021-04-14

Following the recent cyber-attack in the US, a court in Houston has reportedly authorized a new FBI operation to copy and remove backdoors from a large number of Microsoft Exchange email servers across the country. In that attack, the hackers had reportedly used four previously unidentified vulnerabilities to attack thousands of networks.

For the record, in March, Microsoft identified a new Chinese state-sponsored group of hackers, Hafnium, which targeted Exchange servers run from company networks. The four vulnerabilities, when chained together, enabled the attackers to enter an unprotected Exchange server and gain access to its contents.

Although the company fixed the vulnerabilities, the patches could not close the backdoors on servers that had already been breached. Within days, other hacking groups also started hitting the undefended servers through the same flaws to deploy ransomware.

The Justice Department said in its statement that the number of infected servers fell as patches were applied. However, hundreds of Exchange servers remained vulnerable because the backdoors are difficult to identify and eliminate.

Regarding the operation, the statement said that it had removed the remaining web shells of one early hacking group, which could have been used to maintain and escalate persistent, unauthorized access to U.S. networks. It added that the FBI carried out the removal by issuing a command through the web shell to the server, a command designed to make the server delete only the web shell.

The FBI has stated that it is attempting to notify, by email, the owners of the servers from which it removed the backdoors.

Meanwhile, John C. Demers, Assistant Attorney General, stated that the operation highlights the Department’s commitment to disrupting hacking activity using all of its legal tools, not just prosecutions.

This is apparently the first case in which the FBI has effectively cleaned up private networks following a cyberattack.

Source credits: https://techcrunch.com/2021/04/13/fbi-launches-operation-to-remotely-remove-microsoft-exchange-server-backdoors/
