Click to Skip Ad
Closing in...
  1. Mattress Topper Amazon
    14:52 Deals

    35,000 Amazon shoppers gave this mattress topper 5 stars – get one for $34 today

  2. Best Selling Drones Amazon
    13:27 Deals

    Amazon has a $59 drone you can control with gestures or just your voice

  3. Amazon Echo Auto Price
    13:16 Deals

    Add hands-free Alexa to your car for $19.99 with this Amazon deal

  4. Amazon Gift Card Promotion
    11:46 Deals

    How you can get $15 from Amazon right now for free

  5. Amazon Deals
    07:55 Deals

    10 deals you don’t want to miss on Saturday: Alexa in your car for $19.99, $200 Chro…




The FBI is hacking hundreds of computers in the US, but for a good reason

April 14th, 2021 at 9:00 AM
Cybersecurity news

A little more than a month after Microsoft disclosed a bombshell piece of cybersecurity industry news — an attack on Microsoft Exchange servers, whereby state-sponsored hackers from China were chaining together attacks on four vulnerabilities in Microsoft’s email cloud service in order to steal data — the US government just shared a pretty incredible piece of related news.

Court documents were unsealed, enabling a US Justice Department announcement that the FBI had undertaken what the department calls a successful operation to “copy and remove” backdoors remaining in hundreds of vulnerable computers around the US. The operation to remove these remaining malicious web shells was necessary, the Justice Department’s announcement says, because they could have been used “to maintain and escalate persistent, unauthorized access to US networks.” The FBI removed all of these backdoors by sending a command to the server through the web shell, which was meant to prod the server to delete only the web shell.

Today's Top Deal Control your garage door from anywhere with your smartphone or Alexa! List Price:$29.98 Price:$21.99 You Save:$7.99 (27%) Buy Now Available from Amazon, BGR may receive a commission Available from Amazon BGR may receive a commission

“Today’s court-authorized removal of the malicious web shells demonstrates the Department’s commitment to disrupt hacking activity using all of our legal tools, not just prosecutions,” said US Assistant Attorney General John C. Demers, for the Justice Department’s National Security Division. “Combined with the private sector’s and other government agencies’ efforts to date, including the release of detection tools and patches, we are together showing the strength that public-private partnership brings to our country’s cybersecurity.”

Among other details the Justice Department shared, as part of disclosing this operation:

  • This all stems from Microsoft’s early March announcement that a hacking group used multiple zero-day vulnerabilities to target computers running Microsoft Exchange server software. Other hacking groups also used these vulnerabilities to install web shells on “thousands” of victims’ computers.
  • Despite Microsoft’s and law enforcement’s efforts to mitigate the damage, by the end of March there were apparently still hundreds of web shells remaining on US-based computers running the Microsoft Exchange server software.
  • The FBI says it’s trying to share notice of this court-approved operation to all owners and operators of the affected computers. In these cases, where contact information is publicly available, the bureau will send an e-mail message from its official @fbi.gov account to provide the notice. Where contact information is not readily available, the FBI will send an email from that same official email account to victim’s ISPs and ask them to pass along the notice.

The announcement concludes by noting that, although the operation “was successful in copying and removing those web shells, it did not patch any Microsoft Exchange Server zero-day vulnerabilities or search for or remove any additional malware or hacking tools that hacking groups may have placed on victim networks by exploiting the web shells. The Department strongly encourages network defenders to review Microsoft’s remediation guidance and the March 10, 2021, Joint Advisory for further guidance on detection and patching.”

Today's Top Deal Control your garage door from anywhere with your smartphone or Alexa! List Price:$29.98 Price:$21.99 You Save:$7.99 (27%) Buy Now Available from Amazon, BGR may receive a commission Available from Amazon BGR may receive a commission

Andy is a reporter in Memphis who also contributes to outlets like Fast Company and The Guardian. When he’s not writing about technology, he can be found hunched protectively over his burgeoning collection of vinyl, as well as nursing his Whovianism and bingeing on a variety of TV shows you probably don’t like.




Popular News