Security News > 2021 > March > Microsoft Exchange Hackers Also Breached European Banking Authority

The European Banking Authority on Sunday said it had been a victim of a cyberattack targeting its Microsoft Exchange Servers, forcing it to temporarily take its email systems offline as a precautionary measure.

"As the vulnerability is related to the EBA's email servers, access to personal data through emails held on that servers may have been obtained by the attacker," the Paris-based regulatory agency said.

The development is a consequence of an ongoing widespread exploitation campaign by multiple threat actors targeting vulnerable Microsoft Exchange email servers a week after Microsoft rolled out emergency patches to address four security flaws that could be chained to bypass authentication and remotely execute malicious programs.

The Exchange Server mass hack has so far claimed at least 60,000 known victims globally, including a significant number of small businesses and local governments, with the attackers casting a wide net before filtering high-profile targets for further post-exploitation activity.

Intelligence gathered from multiple sources points to an increase in anomalous web shell activity targeting Exchange servers by at least five different threat clusters toward the end of February, a fact that may have played an important role in Microsoft releasing the fixes a week ahead of the Patch Tuesday schedule.

Stating that the Chinese Exchange server hacks are a major norms violation, Dmitri Alperovitch, chairman of the Silverado Policy Accelerator and co-founder of CrowdStrike, said "While it started out as targeted espionage campaign, they engaged in reckless and dangerous behavior by scanning/compromising Exchange servers across the entire IPv4 address space with web shells that can now be used by other actors, including ransomware crews."

News URL

http://feedproxy.google.com/~r/TheHackersNews/~3/X7LKVcpEoBA/microsoft-exchange-hackers-also.html