According to Microsoft, hackers used the Exchange Server to try to obtain information from a number of companies in the United States. The corporation believes the Hafnium group, allegedly sponsored by Chinese authorities, is behind the attack.
Chinese hackers attacked local versions of Microsoft Exchange Server mailboxes in an attempt to obtain information from various organizations in the United States, the company said.
According to Microsoft, the group in question is a hacker group called Hafnium. Its goal was to obtain information from infectious disease researchers, law firms, universities, non-governmental organizations, think tanks and a number of other organizations. Microsoft believes the group is backed by Chinese authorities.
According to the company, the attacks were carried out in three stages. First, the hackers gained access to the Exchange server using stolen passwords or previously undiscovered vulnerabilities and then created a malicious script to remotely control the compromised server. They then used this remote access from private servers in the US to steal data from the organisation's network, Microsoft said.
Which institutions were hacked and whether the attackers managed to get hold of any information, the company did not specify. However, they noted that they have informed the affected agencies and have released an update that should protect Exchange Server users.
In addition, Microsoft added that the incident has nothing to do with the hacker attack on the IT company SolarWinds. Attackers used the platform late last year to illegally access a number of US agencies, including the systems of the Treasury Department and the US Department of Commerce's National Telecommunications and Information Administration.
According to Bloomberg, at least 200 organisations around the world were affected in the SolarWinds software hack. SolarWinds customers include units of the U.S. Army, Justice Department, State Department, National Security Agency, Postal Service and 425 Fortune 500 companies in addition to the above-mentioned agencies.