Warning for MILLIONS of Microsoft users as worldwide ‘update-resistant’ threat spotted – how to stay safe

MICROSOFT Exchange servers have been backdoored by threat actors worldwide.

Attackers are using a new malware to access Microsoft Exchange servers belonging to military and government entities in Europe, the Middle East, Africa and Asia.

1

Dubbed SessionManager, the malicious software poses as an Internet Information Services (IIS) module.

IIS is the legitimate web server installed by default on Microsoft Exchange servers. 

Typically, organizations enable IIS modules to streamline specific processes on their web infrastructure, per .

Roughly 34 servers belonging to 24 organizations have been infected with SessionManager since March 2021, Security firm Kaspersky .

Read more on Microsoft

END OF AN ERA

Official warning for Internet Explorer users as Microsoft shuts down browser

BROKEN WINDOWS

Microsoft warning for BILLIONS as malicious files spotted – how to stay safe

As of June 2022, around 20 organizations remained infected, Kaspersky said in a blog post on Thursday.

What does SessionManager do?

SessionManager can accomplish a number of things for threat actors, according to a report by .

The malware can drop and manage arbitrary files on comprised servers, execute code remotely, and link the victim's network to the bad actor's network.

Most read in Tech

APPLE JUICED

iPhone owners say new update kills battery – but it's too dangerous to skip

BANK RAIDER

Horror Android & iPhone mistake lets crooks clone cards for spending sprees

JAWSOME!

Terrifying clip shows what it’s like to be EATEN by a shark

DOLPHIN’S TEARS

World’s saddest dolphin recorded crying in empty ocean as he’s so lonely

Kaspersky explained further: "The SessionManager backdoor enables threat actors to keep persistent, update-resistant and rather stealth access to the IT infrastructure of a targeted organization."

"Once dropped into the victim's system, cybercriminals behind the backdoor can gain access to company emails."

They can also update malicious access by installing other types of malware or "clandestinely manage compromised servers, which can be leveraged as malicious infrastructure."

How can I protect myself/my organization?

Backdoor attacks are difficult to detect, however, there are steps you can take to keep your device(s) safe.

For starters, use an Antivirus that can identify and prevent a wide range of malware, including trojans and spyware.

Be vigilant when downloading files from the internet as many of them can be compromised or loaded with malware.

Read More On The Sun

'INCREDIBLE IMPACT'

Minecraft YouTuber passes away one year after cancer diagnosis

PARENTS' NIGHTMARE

Denise and Charlie's daughter Lola, 17, involved in terrifying car crash

You will definitely also want to use a Firewall, which is considered essential for backdoor protection.

Firewalls monitor all incoming and outgoing traffic on your device – so if someone is trying to get into your device, the firewall will keep them out.