Backdoor Affects 20,000 U.S Agencies Via Microsoft Vulnerability – E Hacking News
A backdoor breached more than 20,000 US enterprises, it was installed through Microsoft Corp’s recently patched flaws in the email software, said an individual aware of the U.S government’s response. The hacks have already reached beyond areas than the malicious downloaded codes of Solarwinds Corp, an organization that suffered the most from the recent cyberattack in December. The recent cyberattack has left channels open that can be remotely accessed. These are spread across small businesses, city governments, and credit unions say reports from U.S investigations.
Besides this, the records also reveal that tens of thousands of enterprises in Europe and Asia were also affected by the hack. The hacks are still present even though Microsoft issued security patches earlier this week. Earlier, Microsoft said that the hacks had “limited and targeted attacks,” but now denies to comment on the current state of the problems. However, it said the company is currently working with the government authorities and security firms to deal with the issue. Reuters says, “more attacks are expected from other hackers as the code used to take control of the mail servers spreads.”
A scan revealed that, out of the connected vulnerable devices, a mere 10% of users have installed the security patches, but the numbers are going up. As the patch is not helpful to fix the backdoors, the US government is currently trying to figure out how to assist the victims and help them with the issue. The devices compromised seem to run the web version of the email client Outlook, hosting them on their devices, not using cloud providers. Experts say this might’ve saved many big agencies and government authorities from the attack.
White House press secretary Jen Psaki earlier this week informed media that the vulnerabilities revealed in Microsoft’s popular exchange servers are big and can have a deep impact, there is a concern that the victims may be more. “Microsoft and the person working with the U.S. response blamed the initial wave of attacks on a Chinese government-backed actor. A Chinese government spokesman said the country was not behind the intrusions,” reports Reuters.