Arab Press

بالشعب و للشعب
Thursday, Oct 02, 2025

Microsoft warns multiple groups attacking clients' email servers, not just Chinese hackers

Microsoft warns multiple groups attacking clients' email servers, not just Chinese hackers

Researchers fear that cyber criminals could exacerbate an initial hacking campaign attributed to a state-sponsored group in China.

Microsoft has warned that "multiple actors" are attacking its clients' email servers following a global hacking campaign which it last week attributed to a China-based state-sponsored group.

Researchers fear the tools used by the initial state-sponsored attackers to access Microsoft Exchange servers could now be exploited by criminals, with calls growing for President Biden to urgently raise the issue with Beijing.

The Chinese state-sponsored campaign is believed to have indiscriminately compromised tens of thousands of on-premise email servers worldwide with an intention to subsequently target specific victims.

Calls are growing for President Joe Biden to intervene.


Last week government security authorities amplified Microsoft's urgent call for customers running on-premise Exchange servers to apply the patch, and the company is now warning that there are multiple groups taking advantage of unpatched systems.

Microsoft initially warned that the state-sponsored group "primarily targets entities in the United States across a number of industry sectors, including infectious disease researchers, law firms, higher education institutions, defence contractors, policy think tanks, and NGOs".

After compromising email servers belonging to these organisations, Microsoft said the attackers created web shells - interfaces which allow them to remotely access the compromised network even after the original vulnerabilities were patched - which is provoking additional concern.

Because the campaign was so broad, not all of the compromised servers are operated by organisations that would typically be of interest to cyber spies

But experts are concerned that if criminals were to piggyback on those spies' access then they could cause significant collateral damage.

Dmitri Alperovitch, the co-founder and former chief technology officer of cyber security firm Crowdstrike, warned that financially-motivated criminals could access these webshells and potentially deploy ransomware.


"Because this campaign is still ongoing - Chinese have webshells on tens of thousands of networks - the response must demand immediate shutdown of those implants to limit damage, not just signal our displeasure with the fact that it had occurred. Needs to happen now," he added.

The UK's National Cyber Security Centre said it is working to establish the extent of the campaign's impact on the country.

One cyber security professional told Sky News their business had seen a number of clients in the UK compromised by the campaign, many of whom they would not have expected to be a typical target for Beijing, suggesting the attackers would have a subsequent triage stage to select specific victims.

The Washington Post reported that the "indiscriminate nature" of the campaign has caused concern among officials, and that the Biden administration was moving to address the incident - although no actions have yet been announced.

Newsletter

Related Articles

Arab Press
0:00
0:00
Close
Altman Says GPT-5 Already Outpaces Him, Warns AI Could Automate 40% of Work
Trump Organization Teams with Saudi Developer on $1 Billion Trump Plaza in Jeddah
Archaeologists Recover Statues and Temples from 2,000-Year-Old Sunken City off Alexandria
Colombian President Petro Vows to Mobilize Volunteers for Gaza and Joins List of Fighters
Nvidia and Abu Dhabi’s TII Launch First AI-&-Robotics Lab in the Middle East
UK, Canada, and Australia Officially Recognise Palestine in Historic Shift
Dubai Property Boom Shows Strain as Flippers Get Buyer’s Remorse
JWST Data Brings TRAPPIST-1e Closer to Earth-Like Habitability
UAE-US Stargate Project Poised to Make Abu Dhabi a Global AI Powerhouse
Saudi Arabia cracks down on music ‘lounges’ after conservative backlash
Saudi Arabia Signs ‘Strategic Mutual Defence’ Pact with Pakistan, Marking First Arab State to Gain Indirect Access to Nuclear Strike Capabilities in the Region
Turkish car manufacturer Togg Enters German Market with 5-Star Electric Sedan and SUV to Challenge European EV Brands
World’s Longest Direct Flight China Eastern to Launch 29-Hour Shanghai–Buenos Aires Direct Flight via Auckland in December
New OpenAI Study Finds Majority of ChatGPT Use Is Personal, Not Professional
Kuwait opens bidding for construction of three cities to ease housing crunch.
Indian Student Engineers Propose “Project REBIRTH” to Protect Aircraft from Crashes Using AI, Airbags and Smart Materials
Could AI Nursing Robots Help Healthcare Staffing Shortages?
Turkish authorities seize leading broadcaster amid fraud and tax investigation
Apple Introduces Ultra-Thin iPhone Air, Enhanced 17 Series and New Health-Focused Wearables
Big Oil Slashes Jobs and Investments Amid Prolonged Low Crude Prices
Social Media Access Curtailed in Turkey After CHP Calls for Rallies Following Police Blockade of Istanbul Headquarters
Gold Could Reach Nearly $5,000 if Fed Independence Is Undermined, Goldman Sachs Warns
Uruguay, Colombia and Paraguay Secure Places at 2026 World Cup
Trump Administration Advances Plans to Rebrand Pentagon as Department of War Instead of the Fake Term Department of Defense
Tether Expands into Gold Sector with Profit-Driven Diversification
Trump’s New War – and the ‘Drug Tyrant’ Fearing Invasion: ‘1,200 Missiles Aimed at Us’
At the Parade in China: Laser Weapons, 'Eagle Strike,' and a Missile Capable of 'Striking Anywhere in the World'
Information Warfare in the Age of AI: How Language Models Become Targets and Tools
Israeli Airstrike in Yemen Kills Houthi Prime Minister
After the Shock of Defeat, Iranians Yearn for Change
YouTube Altered Content by Artificial Intelligence – Without Permission
Iran Faces Escalating Water Crisis as Protests Spread
More Than Half a Million Evacuated as Typhoon Kajiki Heads for Vietnam
HSBC Switzerland Ends Relationships with Over 1,000 Clients from Saudi Arabia, Lebanon, Qatar, and Egypt
Sharia Law Made Legally Binding in Austria Despite Warnings Over 'Incompatible' Values
Dogfights in the Skies: Airbus on Track to Overtake Boeing and Claim Aviation Supremacy
Tim Cook Promises an AI Revolution at Apple: "One of the Most Significant Technologies of Our Generation"
Are AI Data Centres the Infrastructure of the Future or the Next Crisis?
Miles Worth Billions: How Airlines Generate Huge Profits
Zelenskyy Returns to White House Flanked by European Allies as Trump Pressures Land-Swap Deal with Putin
Beijing is moving into gold and other assets, diversifying away from the dollar
Trump Backs Putin’s Land-for-Peace Proposal Amid Kyiv’s Rejection
Zelenskyy to Visit Washington after Trump–Putin Summit Yields No Agreement
Iranian Protection Offers Chinese Vehicle Shipments a Cost Advantage over Japanese and Korean Makers
United States Sells Luxury Yacht Amadea, Valued at Approximately $325 Million, in First Sale of a Seized Russian Yacht Since the Invasion of Ukraine
Saudi Arabia accelerates renewables to curb domestic oil use
Cristiano Ronaldo and Georgina Rodríguez announce engagement
Asia-Pacific dominates world’s busiest flight routes, with South Korea’s Jeju–Seoul corridor leading global rankings
Private Welsh island with 19th-century fort listed for sale at over £3 million
Sam Altman challenges Elon Musk with plans for Neuralink rival
×