Microsoft’s Exchange Server used for email services is recently targeted by hackers. The company rolled out a security patch to secure the server. However, the company had been unable to locate the group of hackers.
The Verge reported that the hackers are Chinese state-sponsored groups, and they managed to infiltrate nearly 30,000 United States (US) organizations using Microsoft’s Exchange Server.
Big institutions like banks, police departments, hospitals, and local government department got affected due to the attack. The number of victims was reportedly over hundreds of thousands.
The security patch has only fixed the vulnerabilities of the server and those whose systems have been compromised will still have to remove the backdoor channels from their systems.
These backdoors were being used by the hacking group to plant “web shells” in their victims’ servers which would give them admin access and allow them to steal information.
Security experts are now worried about these hackers planting additional backdoors while companies remove the ones already existing.
Microsoft was reached out for comment on the matter and said that they are working with the US Cybersecurity & Infrastructure Security Agency and other agencies to provide their customers with additional investigation and mitigation guidance.
