Is your Exchange Server an open backdoor to hackers?
A New Research Article By Cyber-Security Firm ESET Outlines A Complex Backdoor Hack Specifically Targeting Microsoft Exchange Servers.
The exploit, called LightNeuron, works as an MTA agent and allows hackers to gain full control over all mail traffic, including the ability to intercept, redirect, or modify the content of inbound and outbound messages. Obviously, this is a serious systems compromise that can easily go undetected.
This exploit is the real deal and has been tied to a group of hackers known as Turla APT who have been credited with some complicated and destructive hacks.
Once a Microsoft Exchange server is infected, hackers never need to connect to it directly. Instead, they send command and control emails with hidden commands imbedded in PDF or JPG attachments using a strategy known as steganography.
We encourage you to review the ESET white paper that outlines the attack in more detail and also provides detailed removal instructions.
Download the white paper here.
Ready to Talk Through Your Migration?
Priasoft has been handling Exchange and Microsoft 365 migrations since 1999. Whether you're scoping a new project or recovering from a stalled one, our engineers have seen it before. No sales pitch — just a working conversation with people who have done this work at scale.
