The U.S. National Security Agency says the same Russian military hacking group that interfered in the 2016 presidential election and unleashed a devastating malware attack the following year has been exploiting a major email server program since last August or earlier.
The timing of the agency’s advisory Thursday was unusual considering that the critical vulnerability in the Exim Mail Transfer Agent — which mostly runs on Unix-type operating systems — was identified 11 months ago, when a patch was issued.
Exim is so widely used — though far less known than such commercial alternatives as Microsoft’s proprietary Exchange — that some companies and government agencies that run it may still not have patched the vulnerability, said Jake Williams, president of Rendition Infosec and a former U.S. government hacker.