With full court approval.
In what’s believed to be an unprecedented move, the FBI is trying to protect hundreds of computers infected by the Hafnium hack by hacking them itself, using the original hackers’ own tools (via TechCrunch).
The hack, which affected tens of thousands of Microsoft Exchange Server customers around the world and triggered a “whole of government response” from the White House, reportedly left a number of backdoors that could let any number of hackers right into those systems again. Now, the FBI has taken advantage of this by using those same web shells / backdoors to remotely delete themselves, an operation that the agency is calling a success.
“The FBI conducted the removal by issuing a command through the web shell to the server, which was designed to cause the server to delete only the web shell (identified by its unique file path),” explains the US Justice Department.
Comments are closed.