Thanks to a 'flaw' in some Microsoft systems, hundreds of companies around the world, including several in Italy, would have been attacked by hackers intent on taking control of corporate PCs and servers.
According to what is learned, investigative investigations by the experts of the Postal Police are underway on the aspects of the affair linked to our country after the reports received by the American company itself.
In recent days, the EBA, the European Banking Authority, has also suffered a cyber-attack on its Microsoft Exchange servers and in its statement pointed out that other institutions in the world have been victims of a similar attack.
Microsoft has announced that it has detected some vulnerabilities in its systems and has launched updates to be installed as soon as possible to solve the problem.
The attack by the hackers would be concentrated in that window of time between the communication from Microsoft and the installation of the update by end users.
And it would be the work of Chinese hackers.
Over 125 thousand servers in the world are exposed to the attack on Microsoft Exchange, for which the Italian Postal Police is also investigating.
These are the data of researchers from Palo Alto Networks, according to which the United States would be at the top of the list of countries with the most vulnerable servers (33,000), followed by Germany: (21,000), United Kingdom (7,900), France (5,100) and Italy (4,600).
Also according to researchers from Palo Alto Networks, the attacks date back to January and early March, Microsoft announced the discovery of four critical 'zero days' vulnerabilities, that is, never exploited, of Microsoft Exchange servers.
"These vulnerabilities - they explain - allow adversaries to access Microsoft Exchange servers and potentially gain long-term access to the victims' environments. Several threat actors are currently exploiting these vulnerabilities."
Specifically, servers that have not been updated by Microsoft are using DearCry ransomware which creates encrypted copies of files, deletes the originals and then demands a ransom.
/cloudfront-eu-central-1.images.arcpublishing.com/prisa/WQEEUVRP3BB57M7LND37U7VREE.png)
/cloudfront-eu-central-1.images.arcpublishing.com/prisa/S7ERVSCT4FUVX6R7TUVBDNTH5Y.jpg)
