FBI acts to remove backdoors from hacked Microsoft Exchange servers

The FBI has executed a court-authorized operation to remove malicious backdoor web shells from hundreds of Microsoft Exchange email servers targeted in the recent spate of attacks.

The attacks exploited four zero-day vulnerabilities in Microsoft Exchange, collectively referred to as the ProxyLogon vulnerabilities, that were first exploited by Chinese state-sponsored threat actors known as Hafnium. Even conservative estimates by security experts such as ESET pinned the number of compromised servers at over 5000.

Source link