Chinese-Linked Hackers Exposed for Targeted Microsoft Exchange Server Breaches
Chinese-linked hackers have been exposed for breaching Microsoft 365 servers used by foreign ministries, with a focus on strategic events and military movements. The attacks, discovered in early 2021, have been attributed to state-sponsored groups, including Hafnium and Phantom Taurus by Microsoft and Palo Alto Networks respectively.
The hackers exploited vulnerabilities in the email servers, gaining full access to search for information. They targeted specific terms related to a China-Arab summit held in 2022, indicating a strategic interest in the event. The breaches went beyond simple spying, suggesting a more sinister intent.
In addition to these government targets, suspected Chinese hackers have been actively targeting industries worldwide. A recent compromise of US technology companies by a Chinese group was reported by Google, highlighting the global reach of these cyber threats.
Liu Pengyu, spokesperson for the Chinese Embassy in Washington, acknowledged the global issue of hacking, stating that the Chinese government opposes all forms of cyberattacks. However, the breaches and targeted searches raise serious concerns about state-sponsored cyber espionage and its potential impact on international relations and global security.
