Microsoft’s Exchange Server used for emails and calendaring services was recently targeted by hackers to infiltrate companies and organizations across industries. The company rolled out a security patch to fix the flaws with the Exchange Server a few days ago but that did not deter the hacking group in any way.
These hackers are reportedly the Chinese state-sponsored group dubbed Hafnium which appeared to be ready for Microsoft’s new security patch. They ramped up and automated their campaign and managed to infiltrate nearly 30,000 US organizations using Microsoft’s Exchange Server. This included banks, police departments, hospitals, local government, and more.
The number of victims was reportedly over hundreds of thousands.
The security patch has only fixed the vulnerabilities at Microsoft’s Exchange Server and those who have been compromised will still have to remove the backdoor in their systems themselves. These backdoors were being used by the hacking group to plant “web shells” in their victims’ servers which would give them admin access and allow them to steal information.
Security experts are now worried about these hackers planting additional backdoors while companies remove the ones already existing.
Microsoft was reached out for comment on the matter and it said that it’s working with  the US Cybersecurity & Infrastructure Security Agency and other agencies to provide its customers with “additional investigation and mitigation guidance.”
