Hafnium has been at work since January, breaking into the servers of the email remotely and quietly emptying the inboxes of these organisations.
Microsoft security: A security flaw in a Microsoft software has put 20,000 companies in the US at risk as hackers behind the digital intrusion are breaking into the server and getting access to the data of the US and Europe-based organisations. Experts opined that soon other cybercriminals could clone these tools used to break in, potentially further endangering the clients using Microsoft’s Exchange email and calendar software. The group which is using these tools has been called Hafnium by Redmond, and it has exploited four previously unknown vulnerabilities. Hafnium is allegedly a Chinese group.
Hafnium has been at work since January, breaking into the servers of the email remotely and quietly emptying the inboxes of these organisations without even having to send any malicious email or attachment.
As per reports, while Norwegian authorities said that their country had witnessed a limited use of these tools, Prague municipality and Czech Labour and Social Affairs Ministry were affected by the attack. Officials have said that the hackers were using the technique with ease, meaning that they have had a “free buffet” since they began this attack back in January.
While Hafnium is a major cause of concern, what’s adding to the problems is the fact that others could also clone these tools and join the attack.
Microsoft has published ways to fix these vulnerabilities, however, and the users in the US have been asked by the government to update their software to fix this issue. But, not everyone is updating the software in practice.
Now, with the help of these fixes, other hackers are trying to reverse engineer the tools that Hafnium must have used, in a bid to find how they would be able to appropriate these tools for their own selves and exploit the updated system.
If these hackers are able to succeed, the attacks could get even more aggressive, experts believe.