Microsoft: Chinese Hackers Are Exploiting Exchange Server Flaws to Steal Emails
China-based hackers target U.S. firms, says Microsoft China-based government hackers have exploited a bug in Microsoft's email server software to target U.S. organizations, the company said Tuesday.
Microsoft said that a "highly skilled and sophisticated" state-sponsored group operating from China has been trying to steal information from a number of American targets, including universities, defense contractors, law firms, and infectious-disease researchers.
Microsoft has released security upgrades to fix the vulnerabilities to its Exchange Server software, which is used for work email and calendar services, mostly for larger organizations that have their own in-person email servers. It doesn't affect personal email accounts or Microsoft's cloud-based services, said Microsoft.
The company informs that the hacking group it calls Hafnium was able to trick Exchange servers into allowing it to gain access. The hackers then masqueraded as someone who should have access and created a way to control the server remotely so that they could steal data from an organization's network.
Microsoft said the group is based in China but operates from leased virtual private servers in the U.S., helping it avoid detection.
