US National Security Agency Accuses Russia Of Exploiting Flaw In Email Software

US National Security Agency Accuses Russia of Exploiting Flaw in Email Software

The US National Security Agency (NSA) in a statement on Thursday accused Russian military cyber specialists of exploiting flaws in an email technology called Exim

WASHINGTON (UrduPoint News / Sputnik - 28th May, 2020) The US National Security Agency (NSA) in a statement on Thursday accused Russian military cyber specialists of exploiting flaws in an email technology called Exim.

"Russian military cyber actors, publicly known as Sandworm Team, have been exploiting a vulnerability in Exim mail transfer agent (MTA) software since at least last August," the statement said. "The Russian actors, part of the General Staff Main Intelligence Directorate's (GRU) Main Center for Special Technologies (GTsST), have used this exploit to add privileged users, disable network security settings, execute additional scripts for further network exploitation.

"

The specific vulnerability being exploited, CVE-2019-10149, allows a remote attacker to execute commands and code of their choosing, the NSA said.

Exim, the release added, is a widely used MTA software for Unix-based systems and comes pre-installed in some Linux distributions.

The United States and its allies have repeatedly accused Russia of waging cyberattacks on other countries, but Moscow has consistently denied the allegations. The Russian Federal Security Service (FSB) has warned that global terrorist organizations and other malicious actors have the capacity to disguise cyberattacks so that they appear to have been waged by certain nations.