Microsoft says some SharePoint server hackers now using ransomware
In the post, citing "expanded analysis and threat intelligence," Microsoft said a group it dubs "Storm-2603" is using the vulnerability to seed the ransomware, which typically works by paralyzing victims' networks until a digital currency payment is made.
The disclosure marks a potential escalation in the campaign, which has already hit at least 400 victims, according to Netherlands-based cybersecurity firm Eye Security. Unlike typical state-backed hacker campaigns, which are aimed at stealing data, ransomware can cause widespread disruption depending on where it lands.
The figure of 400 victims represents a sharp rise from the 100 organizations cataloged over the weekend. Eye Security says the figure is likely an undercount.
"There are many more, because not all attack vectors have left artifacts that we could scan for," said Vaisha Bernard, the chief hacker for Eye Security, which was among the first organizations to flag the breaches.
The details of most of the victim organizations have not yet been fully disclosed, but on Wednesday a representative for the National Institutes of Health confirmed that one of the organization's servers had been compromised.
"Additional servers were isolated as a precaution," he said. The news of the compromise was first reported by the Washington Post.
Other outlets said the hacking campaign had breached an even broader range of U.S. agencies. NextGov, citing multiple people familiar with the matter, reported the Department of Homeland Security had been hit, opens new tab, along with more than five to 12 other agencies.
Politico, which cited two U.S. officials, said multiple agencies were believed to have been breached, opens new tab.
DHS' cyberdefense arm, CISA, did not immediately return a message seeking comment on the reports. Microsoft did not immediately return a message seeking further details on the ransomware angle of the hacking or the reported government victims.
The spy campaign began after Microsoft failed to fully patch a security hole in its SharePoint server software, kicking off a scramble to fix the vulnerability when it was discovered.
Microsoft and its tech rival, Google-owner Alphabet (GOOGL.O), opens new tab, have both said Chinese hackers are among those taking advantage of the flaw. Beijing has denied the claim.
Hashtags
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Reuters
22 minutes ago
- Reuters
Report: Dolphins, Minkah Fitzpatrick agree to reworked deal
July 27 - The Miami Dolphins and All-Pro safety Minkah Fitzpatrick agreed to a reworked contract, ESPN reported on Sunday. Fitzpatrick will receive a $16.435 million signing bonus and Miami will save $11 million against the 2025 salary cap, per the report. The Dolphins acquired Fitzpatrick from Pittsburgh last month in a trade that sent cornerback Jalen Ramsey and tight end Jonnu Smith to the Steelers. Fitzpatrick signed a four-year, $73.6 million extension with the Steelers in 2022 and hopes to eventually sign a long-term deal with Miami, according to agent Drew Rosenhaus. "We are comfortable with this commitment to Minkah as we continue to work with the Dolphins on a multiyear extension," Rosenhaus told ESPN on Sunday. Fitzpatrick, 28, is a five-time Pro Bowl and three-time All-Pro selection who launched his career in Miami as a first-round pick (11th overall) in the 2018 NFL Draft. Fitzpatrick recorded 96 tackles and one interception in 17 starts last season. He has 20 picks, 54 passes defensed and 608 tackles in 106 career games (101 starts) with the Dolphins (2018-19) and Steelers. --Field Level Media
Daily Mail
an hour ago
- Daily Mail
Four friends dead in horrific freeway car crash involving drunk driver
Four friends tragically lost their lives in a car accident after a drunk driver slammed into their vehicle on a freeway in Norwalk, California. At around 1am on July 20, the group of 24-year-olds was driving home from a concert when their Nissan got involved in a crash with a California Highway Patrol vehicle and stalled on in the middle of the 605 freeway. That's when a Kia slammed into the back of the Nissan at high speed, causing the latter to burst into flames and trapping the four friends inside, where they all died. According to officials, the Kia's driver was drunk. 'This was entirely preventable due to the fact that one of the drivers was driving under the influence,' said CHP Officer Zachary Salazar. The victims were identified as Julie Harmori, her boyfriend Armando Del Campo, and their two friends, Jordan Partidge and Sam Skocili. They were pronounced dead at the scene. Kathy Stickel, Harmori's aunt, said that Partridge had called her mother after the initial crash with the CHP vehicle to let her know that the group had been in accident, but that they were okay. However, in the middle of the call, the line went dead. This was the moment the Kia slammed into their car. Stickel said that the four friend had formed deep-rooted friendships with one another that stretched back many years. 'She was about the relationships,' Stickel said of her niece, adding that the group had been friends since junior high school. The families of all four victims are turning to each other for support. 'All the parents are checking on each other,' Stickel said. 'They're also checking on people who they've met through this whole tragedy.' Family members created a joint GoFundMe page to raise money for funeral expenses. 'Proceeds will be divided evenly among the four families' parents, as they scramble to memorialize their children,' the fundraiser page read. Heartbreaking The other two victims were identified as the couple's two friends, Sam Skocili left) and Jordan Partidge (right) The Kia driver, Iris Salmeron, 26, of Bellflower, and her passenger, who was unidentified, were taken to the hospital with serious injuries. Salmeron was arrested and is now facing multiple felony charges, including driving under the influence. CHP Officer Salazar said: 'Our hearts go out to the families who are involved in terms of the victims…our officers are going to investigate this to the best of their ability.'
Daily Mail
an hour ago
- Daily Mail
Police arrest Chuck E Cheese mascot for credit card fraud as kids look on
A man wearing a Chuck E Cheese mascot was taken away by police officers in cuffs at one of the restaurant chain's locations in Florida. Jermell Jones, a part-time employee at the restaurant, was entertaining when officers from the Tallahassee Police Department arrived and took him into custody still in his mouse costume. He was charged with three felony offenses tied to the theft and fraudulent use of a customer's credit card. The arrest was captured on video and widely shared on social media. TPD said Jones resisted when approached by officers forcing them to place him in cuffs. Critics have slammed the public nature of the arrest, questioning why police didn't wait until the man was out of costume to avoid traumatizing any kids. One person wrote on Facebook: 'Ok, Tallahassee Police Department, y'all couldn't let this man change out of his Chuck E Cheese costume before arresting him in front of those kids?' 'This wasn't well thought out at all. They should not have arrested the mascot in front of those children. Those children's lives have been changed forever because of this. They probably won't trust characters at Disney or anywhere else they go after this,' another added. 'Those poor kids are going to have after seeing this,' a third joked. According to TPD spokesperson Alicia Hill, officers were called to the Chuck E Cheese after a woman reported her credit card had been stolen during a birthday party that was held there in June. The victim said she later discovered roughly $100 in fraudulent charges from unfamiliar retailers. Using transaction records and surveillance, police were able to trace the activity back to an employee working at the restaurant - someone who was responsible for checking hand stamps at the door. But when officers arrived to make the arrest, they were told by another staffer that the suspect was now dressed in the full Chuck E Cheese mascot. 'When they approached him, he immediately tenses up and resists, and so at this point they make the decision to put him in handcuffs,' Hill said. 'Keeping in mind the safety of not only the customers, but the suspect, as well as the officers themselves.' At least one officer referred to the man by his character's name. 'Chuck E, come with me, Chuck E,' one officer said while grabbing the employee in costume. Hill said that while there's no official TPD policy regarding arrests made in costume or in front of children, the department relies on officer discretion to prioritize public safety and the preservation of evidence. Police say they recovered the stolen credit card in Jones's possession during the arrest. He was booked at Leon County Jail and charged with three felonies. 'When you have a victim outside, it doesn't matter what the dollar amount is,' Hill said. 'She was the victim of a fraud.' Jones has since been released on $1,000 bond. Reached for comment, a Chuck E Cheese employee at the Tallahassee location told reporters: 'It's unfortunate that it happened here,' adding that the arrest 'didn't have anything to do with the company.' In a statement to the Tallahassee Democrat, a representative for CEC Entertainment, the parent company of Chuck E Cheese confirmed: 'We are aware of an incident involving a part-time employee arrested at our Tallahassee location on Wednesday, July 23. We have taken the appropriate action concerning the subject employee.'
