At least 10 hacking groups using Microsoft software flaw: researchers
The Business Standard


Reuters
11 March, 2021, 10:55 am
Last modified: 11 March, 2021, 11:17 am

Silhouettes of laptop and mobile device users are seen next to a screen projection of Microsoft logo in this picture illustration taken March 28, 2018. REUTERS/Dado Ruvic/Illustration/File Photo

At least 10 different hacking groups are using recently discovered flaws in Microsoft Corp's mail server software to break into targets around the world, cybersecurity company ESET said in a blog post on Wednesday.

The breadth of the exploitation adds to the urgency of the warnings being issued by authorities in the United States and Europe about the weaknesses found in Microsoft's Exchange software.

The security holes in the widely used mail and calendaring solution leave the door open to industrial-scale cyber espionage, allowing malicious actors to steal emails virtually at will from vulnerable servers or move elsewhere in the network. Tens of thousands of organizations have already been compromised, Reuters reported last week, and new victims are being made public daily.

Earlier on Wednesday, for example, Norway's parliament announced data had been "extracted" in a breach linked to the Microsoft flaws. Germany's cybersecurity watchdog agency also said on Wednesday two federal authorities had been affected by the hack, although it declined to identify them.

While Microsoft has issued fixes, the sluggish pace of many customers' updates - which experts attribute in part to the complexity of Exchange's architecture - means the field remains at least partially open to hackers of all stripes. The patches do not remove any back door access that has already been left on the machines.

In addition, some of the back doors left on compromised machines have passwords that are easily guessed, so that newcomers can take them over.

Microsoft declined comment on the pace of customers' updates. In previous announcements pertaining to the flaws, the company has emphasized the importance of "patching all affected systems immediately."

Although the hacking has appeared to be focused on cyber espionage, experts are concerned about the prospect of ransom-seeking cybercriminals taking advantage of the flaws because it could lead to widespread disruption.

ESET's blog post said there were already signs of cybercriminal exploitation, with one group that specializes in stealing computer resources to mine cryptocurrency breaking into previously vulnerable Exchange servers to spread its malicious software.

ESET named nine other espionage-focused groups it said were taking advantage of the flaws to break into targeted networks - several of which other researchers have tied to China. Microsoft has blamed the hack on China. The Chinese government denies any role.

Intriguingly, several of the groups appeared to know about the vulnerability before it was announced by Microsoft on March 2.

Ben Read, a director with cybersecurity company FireEye Inc, said he could not confirm the exact details in the ESET post but said his company had also seen "multiple likely-China groups" using the Microsoft flaws in different waves.

ESET researcher Matthieu Faou said in an email it was "very uncommon" for so many different cyber espionage groups to have access to the same information before it is made public.

He speculated that either the information "somehow leaked" ahead of the Microsoft announcement or it was found by a third party that supplies vulnerability information to cyber spies.

Taiwan-based researchers reported to Microsoft on January 5 that they had found two new flaws which need patching. Those two were among those that began being used by the attackers shortly before or after the friendly report.

They said they were investigating whether there had been a theft or leak on their side, since exploitation was discovered in the wild later the same week. So far, the group called Devcore said, they had found no evidence.

Top-flight hackers are also commonly targeted by other hackers. Just this week, Microsoft patched one of the flaws used by suspected North Koreans in attempts to steal information from Western researchers.

But simultaneous discovery happens fairly often, in part because researchers use the same or similar tools to hunt for serious flaws, and many eyes are looking at the same high-value targets.

"It is very likely that some actor groups may have been using these vulnerabilities and led to the result of the attacks being observed by other information security vendors," Devcore member Bowen Hsu told Reuters.

But the security industry has been abuzz with other theories, including a hack of Microsoft's systems for tracking bugs, which has happened in the past.
