Exchange Servers Targeted with 0-Day Exploits

A recent article coming directly from Microsoft, released on March 2nd, highlights how a hacker group from China has been trying to seize control over Microsoft Exchange Servers worldwide, at least 30,000 in the US alone, so far.

It notable that Microsoft’s article reports they have “detected multiple 0-day exploits being used to attack on-premises versions of Microsoft Exchange Server in limited and targeted attacks. In the attacks observed, the threat actor used these vulnerabilities to access on-premises Exchange servers which enabled access to email accounts and allowed the installation of additional malware to facilitate long-term access to victim environments. Microsoft Threat Intelligence Center (MSTIC) attributes this campaign with high confidence to HAFNIUM, a group assessed to be state-sponsored and operating out of China, based on observed victimology, tactics and procedures.”

Other recent updates from the tech giant on 03/04 and 03/05 address the Scan Exchange log files for indicators of compromise and Microsoft Exchange Server Vulnerabilities Mitigations, respectably.



Hafnium is a lustrous, silvery-gray metal. It was named after the Latin word for Copenhagen: Hafnia. The connection between the metal or its name and the hacker group is to be determined.

What is known is that these bad guys primarily target entities in the United States across several industry sectors, including infectious disease researchers, law firms, higher education institutions, defense contractors, and NGOs – as Microsoft investigation reports. The hacker group operates primarily from leased virtual private servers (VPS) in the US.


Sequentur clients are not affected by this situation as we keep providing reliable, robust, and secure Managed IT Services in Florida, the East Coast, and nationwide. Contact us today to know more.


Additional Resources

Microsoft Article – worth checking for technical details, attack details, patch levels of Exchange Server, and other Tech info.

Microsoft Exchange Server Vulnerabilities Mitigations – March 2021


Be on-premise or remote, we’ll be your virtual IT team or even become an extension of your current one, bringing years of experience and skilled engineers to reinforce your ranks.

Call us today and get started!

  • cyber security
  • cybersecurity
  • it support
  • managed it services
  • top cloud managed service providers
Share with:

One comment

  • jacobegan

    April 8, 2021 at 10:07 pm

    Thanks for sharing your info. I truly appreciate
    your efforts and I am waiting for your next post thank you once again.

Comments are closed.

Email Subscription


Sign up for tips and news from Sequentur