The Exploitation of Microsoft Exchange Server Vulnerabilities : 200+ BD organization affected

6

TV24 DESK: The Microsoft Mail Server Exchange is at risk around the globe. Bangladesh too is not spared from this attack. At least 200 companies across the country have been attacked, according to the BGD e-Gov CIRT.

Affected organizations include Adhuri, Selbin, Rangs, Enafood, Datapath, etc.
According to the BGD e-Gov CIRT, some IP addresses have been found that are at risk of attack. These include Agni Systems Limited, Bangla Trac Communications, Bangladesh Bank, BTRC, Standard Bank, Trust Bank, Bank Asia etc.

The organization said in a report on Thursday (April 1st) that the cyber attack was carried out by a group of hackers called Hafnium, which operates under Chinese state sponsorship.

List of affected organizations

In this regard, Mr. Tarique M Barkatullah, Director of National Datacenter at Bangladesh Computer Council (BCC) told Digibangla that we found some IP Addresses associated with different Bangladeshi Organizations, some of these are already exploited and also some others are vulnerable to these threats. Actually, Microsoft’s mail servers have been attacked in various countries including Brazil.
He said the hacker group collects information via mail from Microsoft’s mail servers. They have attacked the servers of more than two hundred organizations in Bangladesh.

Mr. Tarique further said. to secure against this threat, BGD e-GOV CIRT recommends organizations examine their systems for the TTPs and use the IOCs to detect any malicious activity. If an organization discovers exploitation activity, they should assume network identity compromise and follow incident response procedures. If an organization finds no activity, they should apply available patches immediately and implement the mitigations in this Alert. Digibangla

LEAVE A REPLY

Please enter your comment!
Please enter your name here