interestingengineering.com
FBI Uses Hacker Tactics To Get Hackers Out of Microsoft Exchange Servers
The FBI has been authorized to start an operation to remove backdoors from hundreds of hacked Microsoft Exchange servers to protect them from hackers.
Local
The FBI was given court approval to protect hundreds of vulnerable computers in the U.S. from hackers by copying and removing web shells that provided backdoor access to Microsoft Exchange Server software.
The Texas-approved operation was made public on April 13, after hackers used such tactics to attack thousands of networks worldwide between January and February, said the court statement.
Per Microsoft, the hackers, that are believed to belong to a hacking group called Hafnium, used multiple zero-day vulnerabilities in Microsoft Exchange Server software to gain access to email accounts and placed web shells that provided backdoor access so they, and other hackers, could keep accessing the information.
Backdoor attacks and web shells
To provide a little detail, backdoor attacks negate regular authentication processes in order to access a system. They enable hackers to gain remote access, issuing commands remotely, and updating malware whenever they want.