Microsoft flaw: 30,000 American organizations victims of Chinese hackers

American businesses, cities and local institutions are affected. “The threat is active“, Underlined the White House Friday.

Tens of thousands of businesses, cities and local institutions in the United States have come under attack from a group of Chinese state-backed hackers, according to a cybersecurity specialist who gave details on Friday of a hack. Microsoft Mail. “At least 30,000 organizations (…) have been hacked in recent days by an unusually aggressive Chinese cyber espionage unit, which focuses on email theft, multiple sources sayBrian Krebs wrote on his KrebsonSecurity blog.

Microsoft warned on Tuesday that hackers in the group dubbed “HafniumExploited security holes in its Exchange messaging services to steal data from business users. This “highly qualified and sophisticated actorAccording to the computer giant, has in the past already targeted companies in the United States, in particular in the field of research on infectious diseases, law firms, universities, defense companies, think tanks and NGOs.

«Spy group exploits four new flaws in Exchange software and has planted tools in hundreds of thousands of organizations around the world, which gives attackers full remote control over infected systems», Detailed Brian Krebs. “The threat is active“, Underlined Jen Psaki, the spokesperson for the White House, during a press point Friday. The attack “could have a very broad impact“, She added, before calling the communities”who use these servers to act now to protect themselves».

Microsoft chief Tom Burt on Tuesday said his company had released updates to fix the flaws, and urged customers to apply them. “We know that many state actors and criminal groups will act quickly to take advantage of any unpatched system.He warned. “Applying patches quickly is the best protection against this attack.According to Microsoft, Hafnium is based in China but operates through virtual private servers leased in the United States.

Beijing last year accused Washington of defamation following allegations that Chinese hackers were trying to steal research on the coronavirus. In January, the American authorities had designated Russia as the main suspect of the massive hacking against the company SolarWinds, thus contradicting the former president Donald Trump who had accused China of being at the origin of this intrusion in the software from the US government and thousands of private companies. Microsoft said Tuesday that the Hafnium attacks “were in no way related to the separate attacks related to SolarWinds».

To see also – Personalities and companies targeted by massive hacking on Twitter (07/16/2020)