Spies hack high-value mail servers using an exploit from yesteryear
1 min read
Summary
Multiple high-value mail servers worldwide have been hacked by a group likely supported by the Russian government, according to security firm ESET.
The group, known as Sednit, exploited XSS (cross-site scripting) vulnerabilities in four types of mail server software: Roundcube, MDaemon, Horde and Zimbra.
The attacks recently targeted defence contractors in Bulgaria and Romania that produce Soviet-era weapons used in Ukraine.
Governments in Africa, the European Union and South America have also been targeted.
XSS vulnerabilities allow hackers to execute malicious code in the browsers of people visiting a website or opening certain emails.
While this type of bug was commonplace a decade ago, it is less prevalent now, but still poses a significant threat.
