Friday, July 23, 2021

Microsoft Exchange hack: Hackers breached the email servers of the European Banking Authority (EBA)


The European Banking Authority (EBA) on Sunday said it had been a victim of a cyberattack targeting its Microsoft Exchange Servers, forcing it to temporarily take its email systems offline as a precautionary measure.

Hackers breached the email servers of the European Banking Authority (EBA) as part of the global cyberattacks targeting the Microsoft Exchange Server – and while the Paris-based financial security agency for the European Union says that no data has been stolen as part of the attack, it remains on high alert.

“As the vulnerability is related to the EBA’s email servers, access to personal data through emails held on that servers may have been obtained by the attacker,” the Paris-based regulatory agency said.

The EBA fell victim to a hacking campaign exploiting four zero-day vulnerabilities in Microsoft Exchange Server that has affected tens of thousands of organizations around the world.

The EBA said it has launched a full investigation into the incident in partnership with its information and communication technology (ICT) provider, a team of forensic experts, and other relevant entities.

The vulnerabilities allowed cyber attackers to gain access to the European Banking Authority’s email servers, initially leading to fears that personal data may have been accessed by hackers.

In a second update issued on Monday, the agency said it had secured its email infrastructure and that it found no evidence of data extraction, adding it has “no indication to think that the breach has gone beyond our email servers.”

“Since it became aware of the vulnerabilities, the EBA has taken a proactive approach and carried out a thorough assessment to appropriately and effectively detect any network intrusion that could compromise the confidentiality, integrity, and availability of its systems and data,” the EBA said in a statement.

“Besides re-securing its email system, the EBA remains in heightened security alert and will continue monitoring the situation,” it added.

Stating that the Chinese Exchange server hacks are a major norms violation, Dmitri Alperovitch, chairman of the Silverado Policy Accelerator and co-founder of CrowdStrike, said “while it started as targeted espionage campaign, they engaged in reckless and dangerous behavior by scanning/compromising Exchange servers across the entire IPv4 address space with web shells that can now be used by other actors, including ransomware crews.”

The rapidly accelerating intrusions, which also come three months after the SolarWinds hacking campaign, have been primarily attributed to a group called Hafnium, which Microsoft says is a state-sponsored group operating out of China.

Analysis of the Microsoft Exchange Server attack was carried out by the European Banking Authority in collaboration with the European Union’s Computer Emergency Response Team (CERT-EU), as well as additional security experts.

The EBA is just one of the thousands of organizations around the world that are believed to have been targeted by attackers exploiting newly discovered zero-day flaws in Microsoft Exchange Server, the email inbox, calendar, and collaboration solution used by enterprises of all sizes around the world.

Microsoft has released a security update to patch the vulnerabilities and is urging customers to apply it as soon as possible to protect themselves from being attacked.

Priyanshu Vijayvargiya
Founder and Editor-in-Chief of 'Virtualattacks Inc', Priyanshu Vijayvargiya is a cybersecurity analyst, information security professional, developer, and white hat hacker.

