In the United States, a judge approved an operation to clear “malicious web shells” from hundreds of infected machines.
According to the Department of Justice (DOJ), the FBI used a search warrant titled “Malicious software e-mail extractors” to erase “malicious web shells” from compromised Microsoft Exchange e-mail servers in the US. The DOJ said that some parts of the code included exploitable backdoors that may have provided third parties with unauthorised access to e-mails and US networks.
In early March, Microsoft released an urgent security fix. At least 30,000 businesses in the United States appeared to have been attacked by hackers who stole e-mail messages from their networks.
The DOJ said that some server owners were able to uninstall the dangerous web shells. Others, however, were totally unsuccessful, and hundreds of those residual shells remained unaffected. As a result, the FBI obtained a search warrant to access the Exchange servers. The FBI was allowed to retrieve web-cloned info, copy it, and then erase it.
Once police confirmed that the operation had been finished, the summons would be sealed. The FBI is now attempting to notify all owners and operators of devices affected by the “malicious web shells” to delete them.
On the other hand, the Department of Justice announced that the operation was successful, but cautioned that other new or additional vulnerabilities may have been introduced, especially for servers that could have been accessed through the web.
Earlier this week, Microsoft released patches for known vulnerabilities as part of its monthly security update, covering over 100 separate software programmes such as Windows 10, Exchange, Azure, and Microsoft Office.