At least ten hacking groups, some linked to China, use flaws in Microsoft mail to break servers

At least ten hacking groups, some linked to China, are using flaws in Microsoft mail to break servers, with tens of thousands of organisations already compromised

  • Security researchers have found holes in Microsoft’s mail and calendar system 
  • This could allow hackers to steal emails from anyone with ease, experts fear 
  • Warnings have been issued by authorities in US and Europe about the flaws

At least 10 hacking groups are using a flaw in Microsoft’s email software to break in to targets around the world, cybersecurity experts claim.

The security holes in the tech company’s mail and calendars system could make it vulnerable to industrial-scale cyber espionage, with some hackers linked to China.

This could allow hackers to steal emails from anyone with ease, the researchers at ESET found.  

Warnings have been issued by authorities in the US and Europe about the weaknesses found in Microsoft’s Exchange software.

Tens of thousands of organisations have already been compromised, Reuters reported last week.

While Microsoft has issued fixes, the sluggish pace of many customers’ updates means unpatched servers remain open to hackers.

Experts are particularly concerned about the prospect of ransom-seeking cybercriminals taking advantage of the flaws because it could lead to widespread disruption.

Slovakia-based ESET said in a blog post issued on Wednesday there were already signs of cybercriminal exploitation.

One group that specializes in stealing computer resources to mine cryptocurrency was breaking in to vulnerable servers to spread its malicious software.

ESET named nine other espionage-focused groups it said were taking advantage of the flaws to break in to targeted networks – several of which other researchers have tied to China. 

Several of the groups appeared to know about the vulnerability before it was announced by Microsoft on March 2.

ESET researcher Matthieu Faou said in an email it was ‘very uncommon’ for so many different cyber espionage groups to have access to the same information before it is made public.

He speculated that either the information ‘somehow leaked’ ahead of the Microsoft announcement or it was found by a third party that supplies vulnerability information to cyber spies.