IMAGE: CATHRYN VIRGINIA/VICE
Hacking. Disinformation. Surveillance. CYBER is Motherboard's podcast and reporting on the dark underbelly of the internet.
Advertisement
Now, cybercriminals are piling on and trying to take advantage of the same vulnerabilities to make some cash. "In my opinion, this is poised to be pretty bad," said a Microsoft security researcher, who asked to remain anonymous because they were not authorized to speak to the press. The researcher said they think hackers are still in a preliminary phase where they are sorting what organizations they have hacked into before they decide who to try to monetize. Joe Slowik, a security researcher at DomainTools, told Motherboard in an online chat that while the government-backed hackers were targeting Exchange servers as a first step to hack into even more sensitive parts of an organization, the cybercrime gangs "will seek to execute disruptive effects such as ransomware."“This is poised to be pretty bad"
The good news is that, for now, cybercriminals have to manually target and exploit Exchange servers, and there's no evidence that they can make the ransomware spread in an automated way. "Based on all available information it is deployed post compromise via interactive operations and not automatically," Slowik said. "This makes it significantly different from a self-propagating ransomware variant like WannaCry."Do you have information about the breach of Microsoft Exchange servers or other data breaches? We’d love to hear from you. You can contact Lorenzo Franceschi-Bicchierai securely on Signal at +1 917 257 1382, OTR chat at lorenzofb@jabber.ccc.de, or email lorenzofb@vice.com
Advertisement
Advertisement