Report: Hackers Using Ransomware to Target Microsoft Customers

Satya Nadella, CEO of Microsoft, speaks at a media event in San Francisco, California on March 27, 2014. Microsoft is tapping into its software past as it maps its future in the rapidly changing world of Internet technology. Newly anointed Microsoft chief Satya Nadella on Thursday laid out a vision …
Josh Edelson/AFP/Getty Images

Hackers are reportedly racing to use a new form of ransomware to target Microsoft Exchange business email servers that have yet to be updated since the company revealed a number of massive security vulnerabilities.

Windows Central reports that hackers are using a new ransomware attack called DearCry to target Microsoft Exchange business email servers that have yet to be updated. Breitbart News has reported extensively on the Microsoft Exchange hack.

Microsoft recently warned customers that it believes a Chinese-stated backed hacking group, referred to as Hafnium, has used four previously undisclosed security flaws in Microsoft’s Exchange Server enterprise email product in an attempt to steal private information.

The company stated that the group exploited the software in an attempt to steal information from a number of U.S.-based organizations including law firms and defense contractors but also appeared to target infectious disease researchers and policy think tanks.

The software giant claims that it has since patched the exploits but experts stated that the detection and cleanup process will be a huge effort for the millions of private businesses, state and city governments, school districts, financial institutions, fire and police departments, and other organizations.

Now, it’s being reported that the hack has affected at least 60,000 users worldwide, according to a former senior U.S. official with knowledge of the investigation. Many of the victims appear to be businesses targeted by hackers as Microsoft worked to shut down the hack.

Microsoft discussed the new ransomware attacks via its Microsoft Security Intelligence Twitter account. The company stated in a tweet that Microsoft Defender customers utilizing automatic updates don’t need to take any further action.

The cybersecurity firm Check Point Research (CPR) stated in a blog post that hackers are increasing their attacks on vulnerable servers. CPR stated that over a 24 hour period, exploitation attempts on organizations doubled every 2-3 hours. The firm stated:

Since the recently disclosed vulnerabilities on Microsoft Exchange Servers, a full race has started amongst hackers and security professionals. Global experts are using massive preventative efforts to combat hackers who are working day-in and day-out to produce an exploit that can successfully leverage the remote code execution vulnerabilities in Microsoft Exchange.

Read more at Check Point Research here.

Lucas Nolan is a reporter for Breitbart News covering issues of free speech and online censorship. Follow him on Twitter @LucasNolan or contact via secure email at the address


Please let us know if you're having issues with commenting.