Microsoft says Chinese hackers used flaws in its software to steal emails
- The tech giant said a state-sponsored group it dubs Hafnium exploited newly discovered vulnerabilities in its mail server code
- Targets included infectious disease researchers, law firms, higher education institutions, defence contractors, policy think tanks and non-governmental groups
A China-linked cyberespionage group has been remotely plundering email inboxes using freshly discovered flaws in Microsoft mail server software, the company and outside researchers said on Tuesday – an example of how commonly used programs can be exploited to cast a wide net online.
In a blog post, Microsoft said the hacking campaign made use of four previously undetected vulnerabilities in different versions of the software and was the work of a group it dubs Hafnium, which it described as a state-sponsored entity operating out of China.
In a separate blog post, cybersecurity firm Volexity said that in January it had seen the hackers use one of the vulnerabilities to remotely steal “the full contents of several user mailboxes”. All they needed to know were the details of Exchange server and of the account they wanted to pillage its emails, Volexity said.
The Chinese embassy in Washington did not immediately return messages seeking comment. Beijing routinely denies carrying out cyberespionage despite numerous allegations from the United States and others.
Ahead of the Microsoft announcement, the hackers’ increasingly aggressive moves began to attract attention across the cybersecurity community.