Hackers linked to China attack Microsoft's email server, exploit new vulnerabilities

Microsoft on Tuesday said that a cyber espionage group linked to China has been exploiting newly found flaws in the company's mail server software.

On Tuesday, the company claimed that the hacking group infiltrated the email inboxes. Microsoft claimed in a blog post that hackers took advantage of vulnerabilities that were previously unknown. Reportedly, four vulnerabilities were found in Microsoft's email software. The group which hacked the company is being referred to as HAFNIUM, which Microsoft claims is linked to China.

In another post, Volexity - a cybersecurity firm - claimed that it observed hackers using one of the four software loopholes to steal "full contents of several user mailboxes". The hackers only required details of an exchange server, and information about the account they intended to hack.

Over the years, many countries including the United States have accused China of overseeing cyber espionage activities, something Chinese authorities continue to deny.  Even before Microsoft officially acknowledged the hack, the activities of hackers had begun to garner attention from analysts in the cybersecurity community.

Also read: SolarWinds hack was work of more than 1,000 engineers: Microsoft

Mike McLellan, the director of intelligence for Dell Technologies Inc's Secureworks, was cited by Reuters as saying that they witnessed a spike in activity on Exchange servers over Sunday. Even at that firm, 10 customers have been affected. According to McLellan, hacking activity had gone up with focus on seeding malicious software, which could also highlight potential intrusions that could infect Microsoft's networks.

"We haven't seen any follow-on activity yet," he said.  "We're going to find a lot of companies affected but a smaller number of companies actually exploited", Reuters quoted him as saying.

Also read: US intel agencies say Russia likely behind hacking of govt agencies

According to Microsoft, the targets of the Chinese hackers included researchers for infectious diseases, education institutions, defense contractors, policy think tanks, and NGOs.