Tally of Microsoft Victims Surges to 400 as Hackers Capitalize on SharePoint Flaw

(Bloomberg)-According to a research company, the number of companies and organizations that are compromised on a vulnerability on the Sharepoint servers of Microsoft Corp.’s Sharepoint servers is rapidly increasing and according to a research company, the victims rise more than six times in a few days.

According to estimates of eye safety, the Netherlands Cyber Security Company, which determined an early wave of attacks last week, violated approximately 400 state institutions, companies and other groups. This came from about 60 based on the previous estimate given to Bloomberg News on Tuesday.

The security company said that most of the victims were in the US and followed by Mauritius, Jordan, South Africa and the Netherlands. Bloomberg, the US agency responsible for protecting and designing the nuclear weapon cache of the nation, was among those who were violated.

Hacks are among the latest major violations that Microsoft accused at least partly in China and blames among the global security and trade between Washington and Beijing. The United States has repeatedly criticized China for campaigns that have been stolen government and institutional secrets for decades.

“We estimate that the real number may be much higher, because there may be much more hidden ways to compromise on non-traces, Va “This is still developing and other opportunistic enemies continue to benefit from vulnerable servers.”

Bernard said that many people working in government, education and technology services of the organizations that were in danger in Sharepoint violations. In Europe, Asia, Middle East and South America, there were fewer victims.

Security flaws allow computer pirates to play switchs that can allow users or services to access Sharepoint servers and steal the keys that allow them to steal hidden data to potentially agreed networks. Microsoft released patches to correct security gaps, but researchers warned that pirates may have already had a basis for many servers.

On Tuesday, Microsoft accused Chinese state -supported computer pirates of being behind the attacks, known as Keten Typhoon and Violet Typhoon. According to the company, another Chinese-based hacking group, which Microsoft was looking for Storm-2603, exploited them.

Redmond, Washington Company repeatedly accused China for major cyber attacks. In 2021, tens of thousands of Microsoft Exchange, alleged to be China’s operation, endangered the server. In 2023, another China’s attack on Microsoft Exchange endangered the E -Posta accounts of senior US officials. A US government investigation later accused Microsoft of the 2023 incident of a “gradual safety failures”.

Eth Zurich, who specializes in analyzing Chinese cyber attacks, said that Eugenio Benicasa, a researcher at the Security Research Center, was accused of allegedly involved in the Hack campaigns that have previously been involved in the US organizations in the United States. The authority is known for their “comprehensive espionage ..

According to Benincasa, Sharepoint violations are carried out by the government’s power of attorney groups instead of Chinese government agencies that perform directly hacking. Authorized, private hacking companies in the country sometimes participated in “hacker for rire” operations, he added.

“Now, at least three groups have been reported to use the same vulnerability, it is reasonable that it can follow more.”

The Chinese Embassy in Washington said on Tuesday that China is contrary to all kinds of cyber attacks and cyber crimes.

“We are also firmly against the transmission of others without solid evidence,” the Embassy said. “We hope that the parties will adopt a professional and responsible attitude while characterizing cyber events, based on sufficient evidence rather than unfounded speculation and accusations.”

According to Microsoft, the hacking group Linen Typhoon was first identified in 2012 and focused on stolen intellectual property targeting the government, defense, strategic planning and human rights -related organizations. Violet Typhoon, which was first observed in 2015, was “dedicated to espionage” and primarily targeted the media and education sectors in the United States, Europe and East Asia as well as former government and military personnel, non -governmental organizations.

Bloomberg reported that pirates used Sharepoint flaws to enter the US Education Department, Florida Revenue Department and Rhode Island General Assembly.

There are more stories like this Bloomberg.com