As Microsoft email software hack spreads, experts brace for more impact

Reuters2021-03-06

By Raphael Satter

WASHINGTON, March 5 (Reuters) - The hackers behind the powerful set of digital intrusion tools exposed by Microsoft Corp this week are on a tear, breaking into organizations across the United States and Europe.

With the weekend looming, experts say it is only a matter of time before the break-in tools are cloned by other spies or cybercriminals, with the potential to compound the problem for users of Microsoft's widely used Exchange email and calendaring software.

Wielding tools that exploited four previously unknown vulnerabilities, the allegedly Chinese group that Microsoft dubs "Hafnium" has been breaking into email servers since January, remotely and silently draining inboxes of their messages without having to send a single malicious email or rogue attachment.

Norwegian authorities said they had seen "limited" use of the hacking tools in their country. The Prague municipality and the Czech Ministry for Labor and Social Affairs were among those affected, according to a European cyber official briefed on the matter.

The official said that the technique's ease of exploitation meant that the hackers had effectively been enjoying a "free buffet" since the beginning of the year.

The worry now is that others may be about to join the feast.

Although Microsoft has published fixes for the vulnerabilities and the U.S. government - including National Security Adviser Jake Sullivan - has urged users to update their software, in practice not everyone is. Meanwhile, hackers are studying the fixes to reverse engineer Hafnium's tools and appropriate them for themselves.

Once that happens, experts say, the targeting may get even more aggressive.

(Reporting by Raphael Satter; Editing by Dan Grebler)

((Raphael.Satter@thomsonreuters.com;))

Disclaimer: Investing carries risk. This is not financial advice. The above content should not be regarded as an offer, recommendation, or solicitation on acquiring or disposing of any financial products, any associated discussions, comments, or posts by author or other users should not be considered as such either. It is solely for general information purpose only, which does not consider your own investment objectives, financial situations or needs. TTM assumes no responsibility or warranty for the accuracy and completeness of the information, investors should do their own research and may seek professional advice before investing.

Comments

Leave a comment
3