Saturday, May 21, 2022
  • Hyderabad
  • Telangana
  • Andhra Pradesh
  • India
  • World
  • Entertainment
  • Science and Tech
  • Sport
  • Business
  • ...
    • NRI
    • View Point
    • cartoon
    • Columns
    • Reviews
    • Education Today
    • Property
    • Videos
    • Lifestyle
E-Paper
  • NRI
  • View Point
  • cartoon
  • Columns
  • Reviews
  • Education Today
  • Property
  • Videos
  • Lifestyle
Home | Tech | Fbi Says Will Remove Backdoors From Hacked Microsoft Servers

FBI says will remove backdoors from hacked Microsoft servers

By IANS
Published: Published Date - 12:51 PM, Wed - 14 April 21
"Today's court-authorised removal of the malicious web shells demonstrates the Department's commitment to disrupt hacking activity using all of our legal tools, not just prosecutions," Assistant Attorney

San Francisco: The Federal Bureau of Investigation (FBI) has launched a mega operation to copy and remove malicious web shells from hundreds of vulnerable computers in the US that were running on-premises versions of Microsoft Exchange Server software used to provide enterprise-level email service.

A court in Houston has authorised an FBI operation to “copy and remove” backdoors from hundreds of Microsoft Exchange email servers that have been compromised by nation-state hackers, including from China.

“Today’s court-authorised removal of the malicious web shells demonstrates the Department’s commitment to disrupt hacking activity using all of our legal tools, not just prosecutions,” Assistant Attorney General John C. Demers for the Justice Department’s National Security Division said in a statement on Tuesday.

Earlier reports have claimed that five different hacking groups (including China-backed hacking group called ‘Hafnium’) are exploiting vulnerabilities in the business email servers of Microsoft.

Through January and February this year, certain hacking groups exploited zero-day vulnerabilities in Microsoft Exchange Server software to access email accounts and place web shells for continued access.

Web shells are pieces of code or scripts that enable remote administration.

Other hacking groups followed suit starting in early March after the vulnerability and patch were publicised.

Many infected system owners successfully removed the web shells from thousands of computers. Others appeared unable to do so, and hundreds of such web shells persisted unmitigated.

“This operation removed one early hacking group’s remaining web shells which could have been used to maintain and escalate persistent, unauthorised access to US networks,” the FBI informed.

The FBI conducted the removal by issuing a command through the web shell to the server, which was designed to cause the server to delete only the web shell (identified by its unique file path).

Throughout March, Microsoft and other industry partners released detection tools, patches and other information to assist victim entities in identifying and mitigating the cyber incident.

Despite these efforts, by the end of March, hundreds of web shells remained on certain US-based computers running Microsoft Exchange Server software.

  • Follow Us :
  • Tags
  • FBI
  • Federal Bureau of Investigation
  • Microsoft
  • Microsoft Exchange Server software

Related News

  • Have you tried Pizza Hut’s new lighter, crispier San Francisco style pizza?

  • After mocking Apple, Google drops 3.5 mm headphone jack in Pixel 6a

  • Microsoft Xbox Live gaming suffers massive outage, fixed now

  • Microsoft open-sources code for 3D Movie Maker

  • WhatsApp rolls out emoji reactions, bigger groups

  • Bill Gates warns of more fatal Covid variant, calls for global surveillance

Latest News

  • FreshToHome plans expansion in Telangana, Andhra Pradesh

    5 hours ago
  • Editorial: Fillip to federal spirit

    6 hours ago
  • Opinion: Grow more foods that feed the hungry

    7 hours ago
  • After KTR number plate, KCR number plate turns heads in London

    7 hours ago
  • IPL 2022: Rajasthan Royals beat CSK by five wickets to finish second

    7 hours ago
  • Become a pro in Pipes and Cisterns topic in arithmetics

    7 hours ago
  • 2,40,000 job vacancies available at DEET; grab one now!

    7 hours ago
  • IPL 2022 Preview: Delhi Capitals meet Mumbai Indians in virtual quarter-final

    7 hours ago

company

  • Home
  • About Us
  • Contact Us

business

  • Subscribe

telangana today

  • Telangana
  • Hyderabad
  • Latest News
  • Entertainment
  • World
  • Andhra Pradesh
  • Science & Tech
  • Sport

follow us

© Copyrights 2022 TELANGANA PUBLICATIONS PVT. LTD. All rights reserved. Powered by Veegam