The firm has stated that the Chinese “threatening actors” have hacked Microsoft’s Sharepoint Document Software Server and targeted the data of businesses using it.
Along with the Chinese state-backed Linen Typhoon and Violet Typhoon, China-based Hurricane-2603 was also said that they are “exploited weaknesses” in the on-radius Sharepoint server, used by firms, but not in cloud-based service.
The US Tech giant has released security updates in response and advised all on-primeses SharePoint Server customers to install them.
Microsoft said in a statement, “The investigation of other actors using these exploits is still going on.”
The firm said that it has “high confidence”, hackers will continue to target systems that have not set up its safety updates.
It said that it will be updated Website / Blog Its investigation is on with more information.
Microsoft stated that it had seen the attacks in which hackers sent a request to a Sharepoint server to “enable the theft of major materials by the danger actors”.
Charles Carmacal, Chief Technology Officer of Mandiant Consulting Firm, a division of Google Cloud, told the BBC that it was “Knowing many victims in many different areas in many global geographical areas”.
Karmakal said that it seems that governments and businesses that use SharePoint on their sites were primary goals.
He said that many opponents who steal the content encountered by cryptography were then able to achieve access to the Sharepoint data of the victims, he said.
“It was exploited in a very broad manner, very opportunistic before providing a patch. That is why it is important,” said Carmakal.
Karmakal said that “China-Naxus actor” was deploying similar techniques as previous campaigns related to Beijing.
Microsoft stated that Linen Typhoon had “focused on stealing intellectual property, mainly to target government, defense, strategic plan and human rights related organizations”.
It stated that the violet typhoon was “dedicated to espionage”, mainly the former government and military staff, non-governmental organizations, think tanks, higher education, media, financial sector and health sector in America, Europe and East Asia.
Meanwhile, Storm -2603 was “evaluated with moderate confidence to be a” China -based danger actor “.
