Chinese hackers have attacked tens of thousands of American companies

Exchange server

Microsoft warned of the vulnerability last Tuesday and issued corrections. In the Netherlands, this warning was distributed by the National Cybersecurity Center (NCSC) of the Ministry of Justice and Security on Friday. According to the center, the pit is also actively used in the Netherlands. It is imperative to check if the error is exploited. Microsoft has made PowerShell scripts available for this.

Make victims very quickly

Since the international warning, the hackers are said to have stepped up their attacks to kill as many victims as possible as quickly as possible. They have also installed proprietary software that allows them to regain access to affected systems later.

The attack is attributed to a new pirate group called Hafnium. The group is said to have links with the Chinese authorities. The attacks will mainly target scientific institutions, defense companies, think tanks, and NGOs.

Krebs adds a caveat that ransomware packages also potentially take advantage of vulnerabilities due to the relative ease with which they can be exploited. Some of the compromised Exchange servers also appear to contain bits of a crypromining program called DLTminer, says the IT security guard. Red canary On Twitter.

See also  NASA and Boeing aim to redo Starliner spacecraft test later this 12 months

Leave a Reply

Your email address will not be published.