Keylogging malware is a particularly dangerous as it is often designed to steal login passwords or other sensitive information from victims. When you add a compromised Exchange server to the mix, it makes things significantly worse for any organisation.
Positive Technologies researchers recently published a new report on a keylogger-based campaign that targets organisations worldwide. The effort, which is identical to an attack uncovered in 2024, targets compromised Microsoft Exchange Server installations belonging to 65 victims in 26 nations.
The attackers infiltrated Exchange servers by exploiting well-known security flaws or using completely novel techniques. After getting access, the hackers installed JavaScript keyloggers to intercept login credentials from the organization’s Outlook on the Web page.
OWA is the web version of Microsoft Outlook and is integrated into both the Exchange Server platform and the Exchange Online service within Microsoft 365. According to the report, the JavaScript keyloggers gave the attackers persistence on the compromised servers and we
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents
Read the original article: