In a blog post on Tuesday, the company said that four vulnerabilities in its software allowed hackers to access servers for Microsoft Exchange, “which enabled access to email accounts, and allowed installation of additional malware to facilitate long-term access to victim environments,” reported CNN.
The firm further said the online platform for Exchange was not affected in the cyberattack. Meanwhile, Microsoft (MSFT) is now urging users to download software patches, or fixes, for the four different vulnerabilities that were found.
The company also said it believes the attacks were carried out by Hafnium, “a group assessed to be state-sponsored and operating out of China.”
“We are sharing this information with our customers and the security community to emphasize the critical nature of these vulnerabilities and the importance of patching all affected systems immediately… This blog also continues our mission to shine a light on malicious actors and elevate awareness of the sophisticated tactics and techniques used to target our customers,” it said.Hafnium is a network of hackers that “primarily targets entities in the US across a number of industry sectors, including infectious disease researchers, law firms, higher education institutions, defense contractors, policy think tanks and [non-government organizations],” reported CNN citing Microsoft.
Though the group is believed to be based in China, it usually strikes using virtual private servers based in the United States, the company said.
In response to Microsoft’s allegations, a spokesperson for China’s Ministry of Foreign Affairs said that the country “firmly opposes and fights all forms of cyber-attacks and thefts in accordance with the law.”
“Connecting cyberattacks directly to the government is a highly sensitive political issue… China hopes that relevant media and companies will adopt a professional and responsible attitude. When characterizing cyber incidents, it should be based on sufficient evidence, rather than unprovoked guesses,” Wang Wenbin told reporters at a regular press briefing.
According to CNN, this isn’t Microsoft’s first tangle with Hafnium. The tech giant has previously — on separate, unrelated occasions — observed the group “interacting with victim” users of Office 365, it said.
This story has been published from a wire agency feed without modifications to the text.