Security News > 2021 > May > ALERT — New 21Nails Exim Bugs Expose Millions of Email Servers to Hacking

Exim is a popular mail transfer agent used on Unix-like operating systems, with over 60% of the publicly reachable mail servers on the Internet running the software.

A Shodan search reveals nearly four million Exim servers that are exposed online.

If successfully exploited, they could be used to tweak email settings and even add new accounts on the compromised mail servers.

In light of the recent Microsoft Exchange server hacks, it's imperative the patches are applied immediately, as email servers have emerged as a lucrative target for espionage campaigns.

In the past, flaws in Exim software have been actively exploited by bad actors to mount a variety of attacks, including deploying a Linux worm to install cryptocurrency miners on affected servers.

"Once exploited, they could modify sensitive email settings on the mail servers, allow adversaries to create new accounts on the target mail servers."

News URL

http://feedproxy.google.com/~r/TheHackersNews/~3/71ykmtStIUg/alert-new-21nails-exim-bugs-expose.html