A security patch that Microsoft launched this month failed to fully correct one, opening the door to a broad global cyber espionage effort, as shown by a timeline analyzed by Reuters.
On Tuesday, a Microsoft spokesman confirmed that the company’s initial solution to the fault, identified in a hacker competition in May, did not work, but added that it launched other patches that solved the problem.
Read more:
Enjoy!
NFL in Brazil: Extra Tickets
NFL Game in SP: With XP card you compete for 10 pairs of tickets
It is still unclear who is behind the espionage effort, which targets about 100 organizations over the weekend, and is expected to spread as other hackers enter the fight.
In a blog post, Microsoft said two groups of supposedly Chinese hackers, called “Linen Typhoon” and “Violet Typhoon,” were exploring weaknesses along with a third, also based on China.
Alphabet’s Microsoft and Google said hackers linked to China are probably behind the first wave of cyber attacks.
Continues after advertising
Chinese government agents are regularly involved in cyber attacks, but Beijing routinely denies these operations.
In a statement sent by email, the Chinese embassy in Washington said China opposes all forms of cyber attacks and “defaming others without solid evidence.”
The vulnerability that paved the way for the attack was first identified in May in a hacker competition in Berlin, organized by the Cybercrotic security company Trend Micro, which offered cash rewards to discover computer bugs in popular software.
Continues after advertising
She offered a $ 100,000 prize for so -called “day zero” explorations that took advantage of non -revealed digital weaknesses that could be used against SharePoint, Microsoft’s leading collaboration and document management platform.
The US National Nuclear Security Administration, in charge of maintaining and projecting the country’s nuclear weapons stock, was among the violated agencies, the Bloomberg News On Tuesday, citing a person with knowledge of the subject.
It is not known whether any sensitive or confidential information has been compromised, he added.
Continues after advertising
The US Department of Energy, the US Cyber and Infrastructure Security Agency, and Microsoft did not immediately respond to Reuters’ requests to comment on the report.
A Viettel cyber security arm researcher, a Vietnam military telecommunications company, identified a sharepoint failure at the May event, called her “Toolshell” and showed a way to explore it.
The discovery earned the researcher a prize of $ 100,000, according to a zero day initiative X post of Trend Micro.
Continues after advertising
Participating suppliers were responsible for correcting and disseminating safety failures in an effective and timely manner, ”Trend Micro said in a statement.
“Patches occasionally will fail,” he added. “This has happened to SharePoint in the past.”
In a security update of July 8, Microsoft said it had identified the bug, listed it as a critical vulnerability, and launched patches to correct it.
About 10 days later, however, cyber security companies began to notice a flow of malicious online activities directed to the same software that the bug sought to explore: SharePoint servers.
“The threat agents later developed explorations that seem to circumvent these corrections,” said British Cyber Security company Sophos in a blog post on Monday.
Toolshell’s set of possible targets remains vast.
Theoretically, hackers could have compromised more than 8,000 online servers, according to data from the Shodan search engine, which helps identify connected equipment to the internet.
These servers were in networks ranging from auditors, banks, health companies and large industrial companies to state and international government agencies.
