Microsoft Probing Whether Leak Played Role in Suspected Chinese Hack

Microsoft is investigating whether a world-wide cyberattack on tens of thousands of its corporate customers may be linked to a leak of information by the company or its partners, WSJ reported Friday, citing people familiar with the matter. From a report: The investigation centers in part on the question of how a stealthy attack that began in early January picked up steam in the week before the company was able to send a software fix to customers. In that time, a handful of China-linked hacking groups obtained the tools that allowed them to launch wide-ranging cyberattacks that have now infected computers all over the world running Microsoft’s Exchange email software. Some of the tools used in the second wave of the attack, which is believed to have begun Feb. 28, bear similarities to âoeproof-of-conceptâ attack code that Microsoft distributed to antivirus companies and other security partners Feb. 23, investigators at security companies say. Microsoft had planned to release its security fixes two weeks later, on March 9, but after the second wave began it pushed out the patches a week early, on March 2, according to researchers.