China’s Microsoft Hack May Have Had A Bigger Purpose Than Just Spying
August 26, 2021
Steven Adair hunts hackers for a living. Back in January, in a corner-of-his-eye, peripheral kind of way, he thought he saw one in his customer’s networks — a shadowy presence downloading emails.
Adair is the founder of a cybersecurity company called Volexity, and he runs traps to corner intruders all the time. So he took a quick look at a server his client was using to run Microsoft Exchange and was stunned to “see requests that we’re not expecting,” he said. There were requests for access to specific email accounts, requests for confidential files.
He followed all this requested information to a virtual server off-site. “The hair is almost rising on my arms right now when I think about it,” Adair told NPR later. “This feeling of like, oh, crap this is not what should be going on.”
What Adair discovered was a massive hack into Microsoft Exchange — one of the most popular email software programs in the world. For nearly three months, intruders helped themselves to everything from emails to calendars to contacts. Then they went wild and launched a second wave of attacks to sweep Exchange data from tens of thousands of unsuspecting victims. They hit mom-and-pop shops, dentist offices, school districts, local governments — all in a brazen attempt to vacuum up information.
Both the White House and Microsoft have said unequivocally that Chinese government-backed hackers are to blame.
NPR’s months-long examination of the attack — based on interviews with dozens of players from company officials to cyber forensics experts to U.S. intelligence officials — found that stealing emails and intellectual property may only have been the beginning. Officials believe that the breach was in the service of something bigger: China’s artificial intelligence ambitions. The Beijing leadership aims to lead the world in a technology that allows computers to perform tasks that traditionally required human intelligence — such as finding patterns and recognizing speech or faces.
“There is a long-term project underway,” said Kiersten Todt, who was the executive director of the Obama administration’s bipartisan commission on cybersecurity and now runs the Cyber Readiness Institute. “We don’t know what the Chinese are building, but what we do know is that diversity of data, quality of data aggregation, accumulation of data is going to be critical to its success.”
NEW: A security researcher has discovered a web attack framework developed by a suspected Chinese government hacking group and used to exploit vulnerabilities in 58 popular websites to collect data on possible Chinese dissidents. t.co/wC7RvO8JCL pic.twitter.com/e2JalL5ur8
— Catalin Cimpanu (@campuscodi) August 17, 2021
In addition, Tetris also includes plugins to abuse legitimate browser features to collect:
-user keystrokes
-bunch of OS details
-geolocation data
-internal IP addresses
-and even webcam snapshots of a target’s face
IOCs here: t.co/wxmeLPlfIZ pic.twitter.com/3w5IgFz7KI
— Catalin Cimpanu (@campuscodi) August 17, 2021
h/t Digital mix guy