New PowerExchange malware backdoors Microsoft Exchange servers
May 25, 2023
BleepingComputer reports that a new PowerShell-based malware dubbed PowerExchange was used in attacks linked to APT34 Iranian state hackers to backdoor on-premise Microsoft Exchange servers. After infiltrating the mail server via a phishing email containing an archived malicious executable, the threat actors deployed a web shell named ExchangeLeech (first observed by the Digital14 Incident …