![microsoft outlook hacks microsoft outlook hacks](https://i.pinimg.com/736x/ba/d0/5b/bad05bac588f4f5c956ac472ecfab5ef.jpg)
“We are aware of a small number of customers impacted by malicious routing to a server impersonating. UPDATE, 1/19/15, 3:20 PM ET: A Microsoft spokesperson has responded, saying:
MICROSOFT OUTLOOK HACKS UPDATE
We’ve reached out to Microsoft for comment on this attack, and will update if they offer a response. “If our accusation is correct, this new attack signals that the Chinese authorities are intent on further cracking down on communication methods that they cannot readily monitor.” “We once again suspect that Lu Wei and the Cyberspace Administration of China have orchestrated this attack or have willingly allowed the attack to happen,” writes in its report. It’s also one of many recent MITM attacks in China, including those affecting services from Google, Yahoo, and Apple in the past. The attack comes within a month of China blocking Gmail, which despite a slight recovery, is still inaccessible in China. “Given the dangerous nature of this attack on Outlook, we again strongly encourage organizations, including Microsoft and Apple, to immediately revoke trust for the CNNIC certificate authority,” says .īelow: What happens when a Chinese user accesses Outlook in their email client:
![microsoft outlook hacks microsoft outlook hacks](https://static.techspot.com/images2/news/ts3_thumbs/2018/05/2018-05-01-ts3_thumbs-4ec.jpg)
The self-signed certificate is suspected to be from CNNIC (China Internet Network Information Center), which is governed by the Cyberspace Administration of China, as this would be consistent with previous man-in-the-middle (MITM) attacks in China. But by doing so, their emails, contacts and passwords were able to be logged by the hacker. In most cases, they would simply hit “continue” to dismiss the message, likely thinking that a network problem was to blame. However, when reproduced the same result via the Firefox web browser, the message the browser offers is far more detailed, saying also that the error could means “that someone is trying to impersonate the site, and you shouldn’t continue.”ĭuring this attack, users would only see the pop-up warning when their email client tried to automatically retrieve new messages. For example, in an example screenshot posted, an iPhone warning message says “Cannot Verify Server Identity,” but asks if the user wants to continue anyway. The attack continued for a about a day, and has since stopped, the report states.Īffected users were shown warning messages in their email clients that weren’t as immediately worrisome as those web browsers display, which means that some users may not have been aware that an attack was taking place. It noted that IMAP and SMTP for Outlook were affected, but the web interfaces for Microsoft’s webmail services were not. was able to verify the attack itself, after receiving reports of its existence on January 17. Meanwhile, the attacker is able to read all the content they’re sharing. This is a form of eavesdropping where the attacker inserts himself in between the victims’ connections, relaying messages between them while the victims’ continue believe they have a secure, private connection.
![microsoft outlook hacks microsoft outlook hacks](https://i.ytimg.com/vi/--OR_qL26ho/maxresdefault.jpg)
![microsoft outlook hacks microsoft outlook hacks](https://4.bp.blogspot.com/-qCDSJn6aE5E/WrDf9UsMOgI/AAAAAAAA3s4/p_z8fdRrJhkGl1QSdX8hwjRR6yWIjZy1QCKgBGAs/s0/microsoft-outlook-hacks.jpg)
Only a few weeks after Google’s Gmail service was blocked in China, a new report from online censorship monitoring organization released this morning states that Microsoft’s email system Outlook was recently subjected to a “man-in-the-middle” attack in China.