Updated March 3rd, 2021 at 11:32 IST

Microsoft says Chinese hackers remotely plundering email inboxes

Microsoft said that a Chinese cyber-espionage group has been remotely plundering email inboxes using freshly discovered flaws in its mail server software.

Reported by: Bhavya Sukheja

Microsoft on March 2 said that a Chinese cyber-espionage group has been remotely plundering email inboxes using freshly discovered flaws in its mail server software. In a blog post, the tech giant said that the hackers belonged to a state-backed group, which was a “highly skilled and sophisticated actor”. The company also added that the hacking campaign made use of four previously undetected vulnerabilities in different versions of the software. 

According to the blog post, the security flaws allowed the hackers to remotely plunder email inboxes. Microsoft’s Threat Intelligence Centre attributed the attacks with “high confidence” to Hafnium, a group assessed to be state-sponsored and operating out of China. The company said that Hafnium targets infectious disease researchers, law firms, higher education institutions and defence contractors. It added that policy think tanks and non-governmental groups have also been targeted.

Microsoft said that although Hafnium is based in China, it conducts its operations primarily from leased virtual private servers in the US. It added that the company has observed Hafnium interacting with users of its Office 365 suite. The company has also released software updates aimed at addressing the vulnerabilities in its software.


SolarWinds hack 

Microsoft has said that the attack was in no way related to the SolarWinds attack, which hit US government agencies last year. It is worth noting, however, that that cybersecurity breach, which affected nearly 100 US companies and nine federal agencies, was larger and more sophisticated than previously known. Representatives from the impacted firms, including SolarWinds, Microsoft and the cybersecurity firms FireEye Inc and CrowdStrike Holdings, told US senators that the true scope of the intrusions is still unknown because most victims are not legally required to disclose attacks unless they involve sensitive information about individuals.

Microsoft President Brad Smith said that the company's researchers believed that at least 1,000 very skilled, very capable engineers worked on the hack. Smith had said that this is the “largest and most sophisticated” sort of operation that he has seen. Further, Smith said that the hacking operation’s success was due to its ability to penetrate systems through routine processes.


Published March 3rd, 2021 at 11:32 IST