Computer threat –
Chinese pirates have exploited a Microsoft fault
Groups of hackers linked to Beijing have infiltrated servers via a flaw in SharePoint software. American government agencies are among the victims.
Several groups of Chinese hackers have exploited a security flaw for the SharePoint server software from Microsoft (illustration image).
EXPERITE THIS
Several groups of Chinese hackers have exploited a security flaw on the SharePoint server software from Microsoft, the group reported on Tuesday, which offers its customers an update of the program.
According to the latest figures published by Microsoft, in 2020, SharePoint, which allows members of the same entity (company, organization) to share files and data, had more than 200 million active users.
The cybersecurity start-up Eye Security was the first to note this fault on Saturday, which allows third parties to recover, without authorization, identifiers and then access the servers.
Cybercriminals can then implant malware (malware) or get hold of the files and documents housed in the servers.
Microsoft vulnerability
Microsoft confirmed this vulnerability, also on Saturday, but without offering immediate update to fill it, several dozen institutions, including agencies from the United States government, having been attacked.
The IT group published an updating of its software on Sunday. But Eye Security stressed that the digital keys obtained thanks to the flaw could be used even after the update and Microsoft invited its customers to regence identifiers internal.
Tuesday, Microsoft said that he had spotted attacks by two groups of hackers affiliated with the Chinese government, called Linen Typhoon and Typhoon purple in the group’s nomenclature, which gives names to unidentified pirate cells.
The company of Redmond (Washington State) also detected a third Chinese collective, called Storm-2603, a priori not attached to the authorities of the country.
Chinese pirate methods
Microsoft has published elements with the methods used by pirates to take advantage of this flaw.
SharePoint software is sometimes used on the company’s own servers or organization, which do not automatically update their programs, unlike the cloud.
In 2023, Chinese pirates had exploited a programming defect in remote email management software (Cloud) from Microsoft and access to emails from US government officials.
“Latest news”
Do you want to stay at the top of the info? “24 hours” offers you two meetings a day, not to miss anything of what is happening in your canton, in Switzerland or in the world.
Other newsletters
AFP
Did you find an error? Please report it to us.