Microsoft server hack has now hit 400 victims, researchers say

WASHINGTON - A sweeping cyber-espionage campaign organisation centred on vulnerable versions of Microsoft’s server software has now claimed about 400 victims, according to researchers at Netherlands-based Eye Security.

The figure, which is derived from a count of digital artefacts discovered during scans of servers running vulnerable versions of Microsoft’s SharePoint software, compares with 100 organisations catalogued over the weekend. Eye Security says the figure is likely an undercount.

“There are many more, because not all attack vectors have left artifacts that we could scan for,” said Mr Vaisha Bernard, the chief hacker for Eye Security, which was among the first organisations to flag the breaches.

The details of most of the victim organisations have not yet been fully disclosed, but on July 23 a representative for the National Institutes of Health confirmed that one of the organisation’s servers had been compromised.

“Additional servers were isolated as a precaution,” he said.

The news of the compromise was first reported by the Washington Post.

The spy campaign kicked off after Microsoft failed to fully patch a security hole in its SharePoint server software, kicking off

a scramble to fix the vulnerability

when it was discovered.

Microsoft and its tech rival, Google owner Alphabet, have both said Chinese hackers are among those taking advantage of the flaw.

Beijing has denied the claim. REUTERS