Arab Press

بالشعب و للشعب
Friday, Aug 22, 2025

Microsoft warns multiple groups attacking clients' email servers, not just Chinese hackers

Microsoft warns multiple groups attacking clients' email servers, not just Chinese hackers

Researchers fear that cyber criminals could exacerbate an initial hacking campaign attributed to a state-sponsored group in China.

Microsoft has warned that "multiple actors" are attacking its clients' email servers following a global hacking campaign which it last week attributed to a China-based state-sponsored group.

Researchers fear the tools used by the initial state-sponsored attackers to access Microsoft Exchange servers could now be exploited by criminals, with calls growing for President Biden to urgently raise the issue with Beijing.

The Chinese state-sponsored campaign is believed to have indiscriminately compromised tens of thousands of on-premise email servers worldwide with an intention to subsequently target specific victims.

Calls are growing for President Joe Biden to intervene.


Last week government security authorities amplified Microsoft's urgent call for customers running on-premise Exchange servers to apply the patch, and the company is now warning that there are multiple groups taking advantage of unpatched systems.

Microsoft initially warned that the state-sponsored group "primarily targets entities in the United States across a number of industry sectors, including infectious disease researchers, law firms, higher education institutions, defence contractors, policy think tanks, and NGOs".

After compromising email servers belonging to these organisations, Microsoft said the attackers created web shells - interfaces which allow them to remotely access the compromised network even after the original vulnerabilities were patched - which is provoking additional concern.

Because the campaign was so broad, not all of the compromised servers are operated by organisations that would typically be of interest to cyber spies

But experts are concerned that if criminals were to piggyback on those spies' access then they could cause significant collateral damage.

Dmitri Alperovitch, the co-founder and former chief technology officer of cyber security firm Crowdstrike, warned that financially-motivated criminals could access these webshells and potentially deploy ransomware.


"Because this campaign is still ongoing - Chinese have webshells on tens of thousands of networks - the response must demand immediate shutdown of those implants to limit damage, not just signal our displeasure with the fact that it had occurred. Needs to happen now," he added.

The UK's National Cyber Security Centre said it is working to establish the extent of the campaign's impact on the country.

One cyber security professional told Sky News their business had seen a number of clients in the UK compromised by the campaign, many of whom they would not have expected to be a typical target for Beijing, suggesting the attackers would have a subsequent triage stage to select specific victims.

The Washington Post reported that the "indiscriminate nature" of the campaign has caused concern among officials, and that the Biden administration was moving to address the incident - although no actions have yet been announced.

Newsletter

Related Articles

Arab Press
0:00
0:00
Close
Dogfights in the Skies: Airbus on Track to Overtake Boeing and Claim Aviation Supremacy
Tim Cook Promises an AI Revolution at Apple: "One of the Most Significant Technologies of Our Generation"
Are AI Data Centres the Infrastructure of the Future or the Next Crisis?
Miles Worth Billions: How Airlines Generate Huge Profits
Zelenskyy Returns to White House Flanked by European Allies as Trump Pressures Land-Swap Deal with Putin
Beijing is moving into gold and other assets, diversifying away from the dollar
Trump Backs Putin’s Land-for-Peace Proposal Amid Kyiv’s Rejection
Zelenskyy to Visit Washington after Trump–Putin Summit Yields No Agreement
Iranian Protection Offers Chinese Vehicle Shipments a Cost Advantage over Japanese and Korean Makers
United States Sells Luxury Yacht Amadea, Valued at Approximately $325 Million, in First Sale of a Seized Russian Yacht Since the Invasion of Ukraine
Saudi Arabia accelerates renewables to curb domestic oil use
Cristiano Ronaldo and Georgina Rodríguez announce engagement
Asia-Pacific dominates world’s busiest flight routes, with South Korea’s Jeju–Seoul corridor leading global rankings
Private Welsh island with 19th-century fort listed for sale at over £3 million
Sam Altman challenges Elon Musk with plans for Neuralink rival
Australia to Recognize the State of Palestine at UN Assembly
The Collapse of the Programmer Dream: AI Experts Now the Real High-Earners
Armenia and Azerbaijan to Sign US-Brokered Framework Agreement for Nakhchivan Corridor
British Labour Government Utilizes Counter-Terrorism Tools for Social Media Monitoring Against Legitimate Critics
WhatsApp Deletes 6.8 Million Scam Accounts Amid Rising Global Fraud
Texas Residents Face Water Restrictions While AI Data Centers Consume Millions of Gallons
India Rejects U.S. Tariff Threat, Defends Russian Oil Purchases
United States Establishes Strategic Bitcoin Reserve and Digital Asset Stockpile
Thousands of Private ChatGPT Conversations Accidentally Indexed by Google
China Tightens Mineral Controls, Curtailing Critical Inputs for Western Defence Contractors
JPMorgan and Coinbase Unveil Partnership to Let Chase Cardholders Buy Crypto Directly
British Tourist Dies Following Hair Transplant in Turkey, Police Investigate
WhatsApp Users Targeted in New Scam Involving Account Takeovers
Trump Deploys Nuclear Submarines After Threats from Former Russian President Medvedev
Germany’s Economic Breakdown and the Return of Militarization: From Industrial Collapse to a New Offensive Strategy
Germany Enters Fiscal Crisis as Cabinet Approves €174 Billion in New Debt
IMF Upgrades Global Growth Forecast as Weaker Dollar Supports Outlook
Politics is a good business: Barack Obama’s Reported Net Worth Growth, 1990–2025
UN's Top Court Declares Environmental Protection a Legal Obligation Under International Law
"Crazy Thing": OpenAI's Sam Altman Warns Of AI Voice Fraud Crisis In Banking
Japanese Prime Minister Vows to Stay After Coalition Loses Upper House Majority
President Trump Diagnosed with Chronic Venous Insufficiency After Leg Swelling
Man Dies After Being Pulled Into MRI Machine Due to Metal Chain in New York Clinic
FIFA Pressured to Rethink World Cup Calendar Due to Climate Change
Iranian President Reportedly Injured During Israeli Strike on Secret Facility
Kurdistan Workers Party Takes Symbolic Step Towards Peace in Northern Iraq
BRICS Expands Membership with Indonesia and Ten New Partner Countries
Elon Musk Founds a Party Following a Poll on X: "You Wanted It – You Got It!"
AI Raises Alarms Over Long-Term Job Security
Russia Formally Recognizes Taliban Government in Afghanistan
Saudi Arabia Maintains Ties with Iran Despite Israel Conflict
Mediators Edge Closer to Israel-Hamas Ceasefire Agreement
Germany Seeks Taliban Deal to Deport Afghan Migrants
Emirates Airline Expands Market Share with New $20 Million Campaign
Robots Compete in Football Tournament in China Amid Injuries
×