The firm has stated that Chinese “threatening actors” have hacked some Microsoft Sharepoint Server and have targeted the data of businesses using them.
Along with the Chinese state-backed Linen Typhoon and Violet Typhoon, China-based Hurricane-2603 was also said that they are “exploited weaknesses” in the on-radius Sharepoint server, used by firms, but not in cloud-based service.
The US Tech giant has released security updates in response and advised all on-primeses SharePoint Server customers to install them.
“China strongly opposed and fought all the forms of cyber attacks and cyber crime,” said a Chinese Embassy spokesperson said in a statement.
“At the same time, we also oppose the blotting to others without concrete evidence,” Liu Pangu continued in a statement posted on X.
Microsoft stated that he had “high confidence”, hackers would continue to target systems that have not set up its safety updates.
Microsoft said in a statement, “The investigation of other actors using these exploits is still going on.”
It said that it will be updated Website / Blog Its investigation is on with more information.
Microsoft stated that it had seen the attacks in which hackers sent a request to a Sharepoint server to “enable the theft of major materials by the danger actors”.
The UK National Cyber Security Center stated that it includes the “limited number” of SharePoint Server customers in the UK.
Charles Karmakal, Chief Technology Officer of the Mandient Consulting Firm, a division of Google Cloud, told BBC News that “was” aware of many victims in many different areas in many global geography “.
Karmakal said that it seems that governments and businesses that use SharePoint on their sites were primary goals.
He said that many opponents who steal the content encountered by cryptography were then able to achieve access to the Sharepoint data of the victims, he said.
“It was exploited in a very broad manner, very opportunistic before providing a patch. That is why it is important,” said Carmakal.
Karmakal said that “China-Naxus actor” was deploying similar techniques as previous campaigns related to Beijing.
Microsoft stated that Linen Typhoon had “focused on stealing intellectual property, mainly to target government, defense, strategic plan and human rights related organizations”.
It stated that the violet typhoon was “dedicated to espionage”, mainly the former government and military staff, non-governmental organizations, think tanks, higher education, media, financial sector and health sector in America, Europe and East Asia.
Meanwhile, Storm -2603 was “evaluated with moderate confidence to be a” China -based danger actor “.
