{"id":121540,"date":"2021-04-14T11:22:41","date_gmt":"2021-04-14T18:22:41","guid":{"rendered":"https:\/\/lifeboat.com\/blog\/2021\/04\/the-fbi-is-remotely-hacking-hundreds-of-computers-to-protect-them-from-hafnium"},"modified":"2021-04-14T11:22:41","modified_gmt":"2021-04-14T18:22:41","slug":"the-fbi-is-remotely-hacking-hundreds-of-computers-to-protect-them-from-hafnium","status":"publish","type":"post","link":"https:\/\/lifeboat.com\/blog\/2021\/04\/the-fbi-is-remotely-hacking-hundreds-of-computers-to-protect-them-from-hafnium","title":{"rendered":"The FBI is remotely hacking hundreds of computers to protect them from Hafnium"},"content":{"rendered":"

<\/a><\/p>\n

With full court approval.<\/p>\n

\n

In what\u2019s believed to be an unprecedented move, the FBI is trying to protect hundreds of computers infected by the Hafnium hack by <\/em>hacking them itself<\/em><\/a>, using the original hackers\u2019 own tools (via TechCrunch<\/em><\/a>).<\/p>\n

The hack, which affected tens of thousands of Microsoft Exchange Server customers around the world and triggered a \u201cwhole of government response\u201d from the White House<\/a>, reportedly left a number of backdoors that could let any number of hackers right into those systems again. Now, the FBI has taken advantage of this by using those same web shells \/ backdoors to remotely delete themselves, an operation that the agency is calling a success.<\/p>\n

\u201cThe FBI conducted the removal by issuing a command through the web shell to the server, which was designed to cause the server to delete only the web shell (identified by its unique file path),\u201d explains the US Justice Department<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"

With full court approval. In what\u2019s believed to be an unprecedented move, the FBI is trying to protect hundreds of computers infected by the Hafnium hack by hacking them itself, using the original hackers\u2019 own tools (via TechCrunch). The hack, which affected tens of thousands of Microsoft Exchange Server customers around the world and triggered [\u2026]<\/p>\n","protected":false},"author":396,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[34,1490,418],"tags":[],"class_list":["post-121540","post","type-post","status-publish","format-standard","hentry","category-cybercrime-malcode","category-government","category-internet"],"_links":{"self":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts\/121540","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/users\/396"}],"replies":[{"embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/comments?post=121540"}],"version-history":[{"count":0,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts\/121540\/revisions"}],"wp:attachment":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/media?parent=121540"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/categories?post=121540"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/tags?post=121540"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}