More hacking groups join Microsoft Exchange attack frenzy
By
More state-sponsored hacking groups have joined the ongoing attacks targeting tens of thousands of on-premises Exchange servers impacted by severe vulnerabilities tracked as ProxyLogon.
After Microsoft's initial report that the vulnerabilities were actively exploited by a Chinese APT group named Hafnium, Slovak internet security firm ESET shared info on at least three other Chinese-backed hacking groups abusing the ProxyLogon flaws in ongoing attacks.
Besides those three (APT27, Bronze Butler aka Tick, and Calypso), ESET also said that it also identified several "additional yet-unclassified clusters."
In a Friday update to their announcement, Microsoft said that several other threat actors "beyond HAFNIUM" are also exploiting the four critical Exchange flaws.