Microsoft says Chinese hackers targeted groups via server software

By Raphael Satter and Christopher Bing

WASHINGTON, March 2 (Reuters) -

A China-linked cyberespionage group has been remotely plundering email inboxes using freshly discovered flaws in Microsoft MSFT.O mail server software, the company and outside researchers said on Tuesday - an example of how commonly used programs can be exploited to cast a wide net online.

In a blog post, Microsoft said the hacking campaign made use of four previously undetected vulnerabilities in different versions of the software and was the work of a group it dubs HAFNIUM, which it described as a state-sponsored entity operating out of China.

In a separate blog post, cybersecurity firm Volexity said that in January it had seen the hackers use one of the vulnerabilities to remotely steal "the full contents of several user mailboxes." All they needed to know were the details of the Exchange server and of the account whose emails they wanted to pillage, Volexity said.

The Chinese Embassy in Washington did not immediately return messages seeking comment. Beijing routinely denies carrying out cyberespionage despite a drumbeat of allegations from the United States and others.

Ahead of the Microsoft announcement, the hackers' increasingly aggressive moves began to attract attention from across the cybersecurity community.

Mike McLellan, director of intelligence for Dell Technologies Inc's DELL.N Secureworks, said ahead of the Microsoft announcement that he had noticed a sudden spike in activity touching Exchange servers overnight on Sunday, with around 10 customers affected at his firm.

Microsoft's near-ubiquitous suite of products has been under scrutiny since the hack of SolarWinds SWI.N, the Texas-based software firm that served as a springboard for several intrusions across government and the private sector. In other cases, hackers took advantage of the way customers had set up their Microsoft services to compromise their targets or dive further into affected networks.

Hackers who went after SolarWinds also breached Microsoft itself, accessing and downloading source code - including elements of Exchange, the company's email and calendaring product.

McLellan said that for now, the hacking activity he had seen appeared focused on seeding malicious software and setting the stage for a potentially deeper intrusion rather than aggressively moving into networks right away.

"We haven't seen any follow-on activity yet," he said. "We're going to find a lot of companies affected but a smaller number of companies actually exploited."

Microsoft said targets included infectious disease researchers, law firms, higher education institutions, defense contractors, policy think tanks, and non-governmental groups.

(Reporting by Raphael Satter and Christopher Bing; Editing by Dan Grebler)
