Outlook users’ hacked globally as four hacking groups launch offensive against Microsoft

Microsoft Outlook users were hacked recently by “a Chinese government-backed hacking group” as per Microsoft It was further reported that a cybersecurity company was collaborating with at least 50 victims to find out what the hackers had accessed and to mitigate the damage caused by them.

According to Microsoft, a Chinese hacking group known as “Hafnium” was mainly responsible for breaking into private and government-owned computer networks through the Microsoft Exchange email software. Hafnium in tandem with the APT groups has long been running cyber-espionage campaigns against the US, as per Microsoft.

“HAFNIUM primarily targets entities in the United States across a number of industry sectors, including infectious disease researchers, law firms, higher education institutions, defense contractors, policy think tanks, and NGOs. HAFNIUM has previously compromised victims by exploiting vulnerabilities in internet-facing servers, and has used legitimate open-source frameworks.”, a blog post by Microsoft stated.

However, the hacking group which began its attack in January 2021, has now been joined by at least four other hacking groups attacking the critical flaws in Microsoft’s email software – Outlook, as per emerging reports.

Microsoft also announced updates to address the vulnerabilities exploited by hackers. It added, “The vulnerabilities recently being exploited were CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, and CVE-2021-27065, all of which were addressed today’s Microsoft Security Response Center (MSRC) release – Multiple Security Updates Released for Exchange Server. We strongly urge customers to update on-premises systems immediately. Exchange Online is not affected.”

The attack is at least the second major attack by international hacking groups against US interests in 2021. Earlier in 2021, the SolarWinds breach targeted nine federal agencies and 100 companies.

Read More: Major software company SolarWinds got hacked because an intern used “solarwinds123” as a password