FBI accessing computers accross US to remove malicious web shells

FBI accessing computers accross US to remove malicious web shells

The FBI is accessing computers across the United States without informing owners to prevent Hafnium Group from Exploiting MS Exchange Server vulnerabilities.


Microsoft Email Exchange Server is used by companies and businesses around the globe and since the service has been found to be vulnerable the FBI is accessing computers in the country to “copy and remove malicious web shells.”


FBI Receives Permission from DoJ to Access Computers 


The Department of Justice (DoJ) has granted the FBI permission to access hundreds of computers across the U.S. that are still running unpatched versions of the Microsoft Exchange Server software. The FBI will now remove web shells left by the Hafnium hacking group who penetrated the systems earlier. 


This is indeed an unprecedented step and shows that law enforcement will step in and take control of the situation, even if it doesn’t involve your consent when facing such large-scale hacking operations.


In this case, those users who haven’t or aren’t willing to patch their systems will not be informed, and the FBI will do the job on their behalf. 


The announcement read:



“The Justice Department today announced a court-authorized operation to copy and remove malicious web shells from hundreds of vulnerable computers in the United States running on-premises versions of Microsoft Exchange Server software used to provide enterprise-level email service.”


The impacted servers are located in ..