- FBI launches court-authorized operation to remove vulnerabilities to hundreds of Microsoft Exchange servers affected in recent hack
- Small and medium-sized businesses affected by hacks that targeted the popular business e-mail platform
- Businesses have been encouraged to install patches provided by Microsoft to address the issue
Summary by Dirk Langeveld
The Federal Bureau of Investigation is taking action to repair Microsoft Exchange servers that were compromised in a hack earlier this year.
The FBI received judicial authorization to “copy and remove” backdoors from hundreds of servers. The operation is issuing commands to remove web shells, script or code allowing remote access, which were set up by hackers. The Justice Department said that server owners successfully removed web shells from thousands of computers, but that many remained vulnerable.
Microsoft announced last month that the Chinese-backed group Hafnium had targeted the servers, primarily affecting small and medium-sized businesses using Microsoft Exchange for e-mail and scheduling. The backdoors created by hackers allowed them to monitor e-mails, install software, and steal data. While hackers made no attempt to exploit some of the breaches, others subsequently took advantage of them to install ransomware on compromised servers.
Microsoft issued patches to address the issue, and companies using Microsoft Exchange have been encouraged to install them.