WASHINGTON—More than 20,000 U.S. organizations have been compromised through a back door installed via recently patched flaws in Microsoft Corp.’s email software, a person familiar with the U.S. government’s response said on Friday.
The hacking has already reached more places than all of the tainted code downloaded from SolarWinds Corp., the company at the heart of another massive hacking spree uncovered in December.
The latest hack has left channels for remote access spread among credit unions, town governments, and small businesses, according to records from the U.S. investigation.
Tens of thousands of organizations in Asia and Europe are also affected, the records show.
The hacks are continuing despite emergency patches issued by Microsoft on Tuesday.
Microsoft, which had initially said the hacks consisted of “limited and targeted attacks,” declined to comment on the scale of the problem on Friday but said it was working with government agencies and security companies to provide help to customers.
It added, “impacted customers should contact our support teams for additional help and resources.”
One scan of connected devices showed only 10 percent of those vulnerable had installed the patches by Friday, though the number was rising.
Because installing the patch does not get rid of the back doors, U.S. officials are racing to figure out how to notify all the victims and guide them in their hunt.
All of those affected appear to run Web versions of email client Outlook and host them on their own machines, instead of relying on cloud providers. That may have spared many of the biggest companies and federal government agencies, the records suggest.
The federal Cybersecurity and Infrastructure Security Agency did not respond to a request for comment.
Earlier on Friday, White House press secretary Jen Psaki told reporters that the vulnerabilities found in Microsoft’s widely used Exchange servers were “significant,” and “could have far-reaching impacts.”
“We’re concerned that there are a large number of victims,” Psaki said.
Microsoft and the person working with the U.S. response blamed the initial wave of attacks on a Chinese government-backed actor. A Chinese government spokesman said the country was not behind the intrusions.
What started as a controlled attack late last year against a few classic espionage targets grew last month to a widespread campaign. Security officials said that implied that unless China had changed tactics, a second group may have become involved.
More attacks are expected from other hackers as the code used to take control of the mail servers spreads.
The hackers have only used the back doors to re-enter and move around the infected networks in a small percentage of cases, probably less than 1 in 10, the person working with the government said.
“A couple hundred guys are exploiting them as fast as they can,” stealing data and installing other ways to return later, he said.
The initial avenue of attack was discovered by prominent Taiwanese cyber researcher Cheng-Da Tsai, who said he reported the flaw to Microsoft in January. He said in a blog post that he was investigating whether the information leaked.
He did not respond to requests for further comment.
By Joseph Menn, Raphael Satter, and Trevor Hunnicutt
Affiliate News Feeds
- Washington Examiner
- The Federalist
- The Epoch Times
- The Guardian
- The Gateway Pundit
- Judicial Watch
By Marina Zhang Data from the Centers for Disease Control and Prevention (CDC) showed that vaccinated and boosted people made up most of the COVID-19 deaths in August. Of the… [...]
By Petr Svab Officials from the FBI and the Department of Homeland Security frequently met with major social media companies ahead of the 2020 election and pointed out users and… [...]
By Jack Phillips The campaign of Arizona Republican candidate Kari Lake responded to a district court imposing a fine on her lawyers after filing an election-related lawsuit earlier this year.… [...]
Union workers are lashing out at both political parties and President Joe Biden for the rail legislation signed to prevent a strike, calling the provisions a "slap in the face"… [...]
A former professor at the University of California San Diego said she gave all of her students "A" grades and no homework in a recently unearthed video. [...]
A key Senate vote over whether to provide paid sick leave for rail workers is highlighting a divide within the GOP, a party that has increasingly tried to position itself… [...]
Usually when a person defrauds investors of millions of dollars and launders the funds to personal pet projects, he goes to jail. (See: Bernie Madoff.) But in FTX founder Sam… [...]
Insider documents released on Friday confirm Twitter’s decision to suppress the New York Post’s legitimate reporting about Hunter Biden’s laptop mere weeks before the 2020 presidential election was a political… [...]
It would be easy to laugh in the faces of the ADL people but it's not a joke. Putting out these junk studies has real consequences. [...]
Seniors have been severely affected by inflation. Most had to cut back on spending and many needed to take “drastic” measures, such as skipping meals, according to a recent survey.… [...]
SIMI VALLEY, Calif.—The United States is at a pivotal point with China and will need military strength to ensure that American values, not Beijing’s, set global norms in the 21st… [...]
Rep. James Comer (R-Ky.), the incoming chairman of the House Committee on Oversight and Reform, announced Sunday a “broad probe into President [Joe] Biden’s energy crisis that is harming the… [...]
Initiative is part of measures agreed between London’s mayor Sadiq Khan and the police force Police officers in schools are to be monitored to see if they are disproportionately targeting… [...]
Exclusive: economic inactivity due to sickness at highest level since records began, with north, Wales and Northern Ireland disproportionately affectedPeople in the UK are getting “sicker and poorer”, with a… [...]
From first to last, the drum beats were relentless from the small section of Senegal supporters. They pounded in the temples of everybody present, creating an oppressive backdrop to this… [...]
Twitter continues to censor tweets by Kari Lake and other Trump-Endorsed candidates in Arizona for exposing Katie Hobbs and corruption in Arizona’s elections and the courts. The Gateway Pundit reported… [...]
Joe and Dr. Jill hosted a White House reception ahead of the Kennedy Center Honors show in the East Room. Jill Biden wore another ghastly dress Sunday evening at a… [...]
Nigerian President Muhammadu Buhari President Muhammadu Buhari warned last week that weapons from the raging war between Russia and Ukraine are now finding their way into the Lake Chad Basin… [...]
From Fox News: The Secret Service will not say why they changed their position regarding a government watchdog’s records request into Hunter Biden’s gun investigation records. Government watchdog Judicial Watch… [...]
(Washington, DC) – Judicial Watch announced today that the United States Secret Service has repeatedly changed its position about whether it is in possession of records related to the investigation… [...]