{"id":64219,"date":"2021-04-13T16:32:40","date_gmt":"2021-04-13T14:32:40","guid":{"rendered":"https:\/\/blog.mailfence.com\/analise-hack-microsoft-exchange-server\/"},"modified":"2025-09-16T16:07:26","modified_gmt":"2025-09-16T14:07:26","slug":"analise-hack-microsoft-exchange-server","status":"publish","type":"post","link":"https:\/\/blog.mailfence.com\/pt\/analise-hack-microsoft-exchange-server\/","title":{"rendered":"An\u00e1lise do hack do Microsoft Exchange Server"},"content":{"rendered":"\n<p>J\u00e1 se passou mais de um m\u00eas desde que a Microsoft reconheceu pela primeira vez uma viola\u00e7\u00e3o de dados em seu local <a href=\"https:\/\/en.wikipedia.org\/wiki\/Microsoft_Exchange_Server\">Microsoft Exchange <\/a>Server. Os invasores foram capazes de obter <a href=\"https:\/\/en.wikipedia.org\/wiki\/Superuser\">privil\u00e9gios de administrator<\/a> em servidores afetados, acesso a e-mails e senhas de usu\u00e1rios e a dispositivos conectados na mesma rede. V\u00e1rias outras revela\u00e7\u00f5es tamb\u00e9m foram feitas.<br><\/p>\n\n\n\t\t<div data-elementor-type=\"section\" data-elementor-id=\"100849\" class=\"elementor elementor-100849 elementor-100761\" data-elementor-post-type=\"elementor_library\">\n\t\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-124e1725 elementor-section-content-middle elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"124e1725\" data-element_type=\"section\" data-e-type=\"section\" data-settings=\"{&quot;background_background&quot;:&quot;classic&quot;}\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-no\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-654e4e21\" data-id=\"654e4e21\" data-element_type=\"column\" data-e-type=\"column\" data-settings=\"{&quot;background_background&quot;:&quot;gradient&quot;}\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-3a3b1a23 elementor-widget elementor-widget-text-editor\" data-id=\"3a3b1a23\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p><b>Mailfence &#8211; Sua su\u00edte de produtividade segura<\/b><\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-2c004279 elementor-widget elementor-widget-text-editor\" data-id=\"2c004279\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p><strong>Recupere sua privacidade com<\/strong><\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-83e0dd6 elementor-icon-list--layout-inline elementor-align-center elementor-list-item-link-full_width elementor-widget elementor-widget-icon-list\" data-id=\"83e0dd6\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"icon-list.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<ul class=\"elementor-icon-list-items elementor-inline-items\">\n\t\t\t\t\t\t\t<li class=\"elementor-icon-list-item elementor-inline-item\">\n\t\t\t\t\t\t\t\t\t\t\t<span class=\"elementor-icon-list-icon\">\n\t\t\t\t\t\t\t<svg aria-hidden=\"true\" class=\"e-font-icon-svg e-fas-envelope-open-text\" viewBox=\"0 0 512 512\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\"><path d=\"M176 216h160c8.84 0 16-7.16 16-16v-16c0-8.84-7.16-16-16-16H176c-8.84 0-16 7.16-16 16v16c0 8.84 7.16 16 16 16zm-16 80c0 8.84 7.16 16 16 16h160c8.84 0 16-7.16 16-16v-16c0-8.84-7.16-16-16-16H176c-8.84 0-16 7.16-16 16v16zm96 121.13c-16.42 0-32.84-5.06-46.86-15.19L0 250.86V464c0 26.51 21.49 48 48 48h416c26.51 0 48-21.49 48-48V250.86L302.86 401.94c-14.02 10.12-30.44 15.19-46.86 15.19zm237.61-254.18c-8.85-6.94-17.24-13.47-29.61-22.81V96c0-26.51-21.49-48-48-48h-77.55c-3.04-2.2-5.87-4.26-9.04-6.56C312.6 29.17 279.2-.35 256 0c-23.2-.35-56.59 29.17-73.41 41.44-3.17 2.3-6 4.36-9.04 6.56H96c-26.51 0-48 21.49-48 48v44.14c-12.37 9.33-20.76 15.87-29.61 22.81A47.995 47.995 0 0 0 0 200.72v10.65l96 69.35V96h320v184.72l96-69.35v-10.65c0-14.74-6.78-28.67-18.39-37.77z\"><\/path><\/svg>\t\t\t\t\t\t<\/span>\n\t\t\t\t\t\t\t\t\t\t<span class=\"elementor-icon-list-text\"><b>Mensagens<\/b><\/span>\n\t\t\t\t\t\t\t\t\t<\/li>\n\t\t\t\t\t\t\t\t<li class=\"elementor-icon-list-item elementor-inline-item\">\n\t\t\t\t\t\t\t\t\t\t\t<span class=\"elementor-icon-list-icon\">\n\t\t\t\t\t\t\t<svg aria-hidden=\"true\" class=\"e-font-icon-svg e-far-calendar-alt\" viewBox=\"0 0 448 512\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\"><path d=\"M148 288h-40c-6.6 0-12-5.4-12-12v-40c0-6.6 5.4-12 12-12h40c6.6 0 12 5.4 12 12v40c0 6.6-5.4 12-12 12zm108-12v-40c0-6.6-5.4-12-12-12h-40c-6.6 0-12 5.4-12 12v40c0 6.6 5.4 12 12 12h40c6.6 0 12-5.4 12-12zm96 0v-40c0-6.6-5.4-12-12-12h-40c-6.6 0-12 5.4-12 12v40c0 6.6 5.4 12 12 12h40c6.6 0 12-5.4 12-12zm-96 96v-40c0-6.6-5.4-12-12-12h-40c-6.6 0-12 5.4-12 12v40c0 6.6 5.4 12 12 12h40c6.6 0 12-5.4 12-12zm-96 0v-40c0-6.6-5.4-12-12-12h-40c-6.6 0-12 5.4-12 12v40c0 6.6 5.4 12 12 12h40c6.6 0 12-5.4 12-12zm192 0v-40c0-6.6-5.4-12-12-12h-40c-6.6 0-12 5.4-12 12v40c0 6.6 5.4 12 12 12h40c6.6 0 12-5.4 12-12zm96-260v352c0 26.5-21.5 48-48 48H48c-26.5 0-48-21.5-48-48V112c0-26.5 21.5-48 48-48h48V12c0-6.6 5.4-12 12-12h40c6.6 0 12 5.4 12 12v52h128V12c0-6.6 5.4-12 12-12h40c6.6 0 12 5.4 12 12v52h48c26.5 0 48 21.5 48 48zm-48 346V160H48v298c0 3.3 2.7 6 6 6h340c3.3 0 6-2.7 6-6z\"><\/path><\/svg>\t\t\t\t\t\t<\/span>\n\t\t\t\t\t\t\t\t\t\t<span class=\"elementor-icon-list-text\"><b>Calend\u00e1rios<\/b><\/span>\n\t\t\t\t\t\t\t\t\t<\/li>\n\t\t\t\t\t\t\t\t<li class=\"elementor-icon-list-item elementor-inline-item\">\n\t\t\t\t\t\t\t\t\t\t\t<span class=\"elementor-icon-list-icon\">\n\t\t\t\t\t\t\t<svg aria-hidden=\"true\" class=\"e-font-icon-svg e-far-folder\" viewBox=\"0 0 512 512\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\"><path d=\"M464 128H272l-54.63-54.63c-6-6-14.14-9.37-22.63-9.37H48C21.49 64 0 85.49 0 112v288c0 26.51 21.49 48 48 48h416c26.51 0 48-21.49 48-48V176c0-26.51-21.49-48-48-48zm0 272H48V112h140.12l54.63 54.63c6 6 14.14 9.37 22.63 9.37H464v224z\"><\/path><\/svg>\t\t\t\t\t\t<\/span>\n\t\t\t\t\t\t\t\t\t\t<span class=\"elementor-icon-list-text\"><b>Documentos<\/b><\/span>\n\t\t\t\t\t\t\t\t\t<\/li>\n\t\t\t\t\t\t\t\t<li class=\"elementor-icon-list-item elementor-inline-item\">\n\t\t\t\t\t\t\t\t\t\t\t<span class=\"elementor-icon-list-icon\">\n\t\t\t\t\t\t\t<svg aria-hidden=\"true\" class=\"e-font-icon-svg e-fas-users-cog\" viewBox=\"0 0 640 512\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\"><path d=\"M610.5 341.3c2.6-14.1 2.6-28.5 0-42.6l25.8-14.9c3-1.7 4.3-5.2 3.3-8.5-6.7-21.6-18.2-41.2-33.2-57.4-2.3-2.5-6-3.1-9-1.4l-25.8 14.9c-10.9-9.3-23.4-16.5-36.9-21.3v-29.8c0-3.4-2.4-6.4-5.7-7.1-22.3-5-45-4.8-66.2 0-3.3.7-5.7 3.7-5.7 7.1v29.8c-13.5 4.8-26 12-36.9 21.3l-25.8-14.9c-2.9-1.7-6.7-1.1-9 1.4-15 16.2-26.5 35.8-33.2 57.4-1 3.3.4 6.8 3.3 8.5l25.8 14.9c-2.6 14.1-2.6 28.5 0 42.6l-25.8 14.9c-3 1.7-4.3 5.2-3.3 8.5 6.7 21.6 18.2 41.1 33.2 57.4 2.3 2.5 6 3.1 9 1.4l25.8-14.9c10.9 9.3 23.4 16.5 36.9 21.3v29.8c0 3.4 2.4 6.4 5.7 7.1 22.3 5 45 4.8 66.2 0 3.3-.7 5.7-3.7 5.7-7.1v-29.8c13.5-4.8 26-12 36.9-21.3l25.8 14.9c2.9 1.7 6.7 1.1 9-1.4 15-16.2 26.5-35.8 33.2-57.4 1-3.3-.4-6.8-3.3-8.5l-25.8-14.9zM496 368.5c-26.8 0-48.5-21.8-48.5-48.5s21.8-48.5 48.5-48.5 48.5 21.8 48.5 48.5-21.7 48.5-48.5 48.5zM96 224c35.3 0 64-28.7 64-64s-28.7-64-64-64-64 28.7-64 64 28.7 64 64 64zm224 32c1.9 0 3.7-.5 5.6-.6 8.3-21.7 20.5-42.1 36.3-59.2 7.4-8 17.9-12.6 28.9-12.6 6.9 0 13.7 1.8 19.6 5.3l7.9 4.6c.8-.5 1.6-.9 2.4-1.4 7-14.6 11.2-30.8 11.2-48 0-61.9-50.1-112-112-112S208 82.1 208 144c0 61.9 50.1 112 112 112zm105.2 194.5c-2.3-1.2-4.6-2.6-6.8-3.9-8.2 4.8-15.3 9.8-27.5 9.8-10.9 0-21.4-4.6-28.9-12.6-18.3-19.8-32.3-43.9-40.2-69.6-10.7-34.5 24.9-49.7 25.8-50.3-.1-2.6-.1-5.2 0-7.8l-7.9-4.6c-3.8-2.2-7-5-9.8-8.1-3.3.2-6.5.6-9.8.6-24.6 0-47.6-6-68.5-16h-8.3C179.6 288 128 339.6 128 403.2V432c0 26.5 21.5 48 48 48h255.4c-3.7-6-6.2-12.8-6.2-20.3v-9.2zM173.1 274.6C161.5 263.1 145.6 256 128 256H64c-35.3 0-64 28.7-64 64v32c0 17.7 14.3 32 32 32h65.9c6.3-47.4 34.9-87.3 75.2-109.4z\"><\/path><\/svg>\t\t\t\t\t\t<\/span>\n\t\t\t\t\t\t\t\t\t\t<span class=\"elementor-icon-list-text\"><b>Grupos<\/b><\/span>\n\t\t\t\t\t\t\t\t\t<\/li>\n\t\t\t\t\t\t<\/ul>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-436babb elementor-align-center elementor-widget elementor-widget-button\" data-id=\"436babb\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"button.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<div class=\"elementor-button-wrapper\">\n\t\t\t\t\t<a class=\"elementor-button elementor-button-link elementor-size-sm\" href=\"https:\/\/mailfence.com\/pt\/#pricing\">\n\t\t\t\t\t\t<span class=\"elementor-button-content-wrapper\">\n\t\t\t\t\t\t\t\t\t<span class=\"elementor-button-text\">Crie sua conta gratuita no Mailfence<\/span>\n\t\t\t\t\t<\/span>\n\t\t\t\t\t<\/a>\n\t\t\t\t<\/div>\n\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>\n\t\t\n\n\n\n<p><\/p>\n\n\n\n<h2 class=\"wp-block-heading has-large-font-size\" id=\"h-historico-do-hack-do-microsoft-exchange-server\">Hist\u00f3rico do hack do Microsoft Exchange Server<\/h2>\n\n\n\n<p>Em <strong>5 de janeiro de 2021<\/strong>, o pesquisador da empresa de testes de seguran\u00e7a DEVCORE investigadora, <a href=\"https:\/\/twitter.com\/orange_8361\/status\/1346401788811825153\">fez<\/a> o primeiro relat\u00f3rio conhecido de vulnerabilidade para a Microsoft. Isso foi depois <a href=\"https:\/\/krebsonsecurity.com\/2021\/03\/a-basic-timeline-of-the-exchange-mass-hack\/\">verificado<\/a> pela Microsoft em 8 de janeiro. V\u00e1rias viola\u00e7\u00f5es de Microsoft Exchange Servers locais foram observadas por v\u00e1rios jogadores durante o mesmo m\u00eas, todos os quais alertaram a Microsoft.<\/p>\n\n\n\n<p>Por volta <strong>de 26-27<\/strong> de fevereiro, os invasores come\u00e7aram a varredura em massa dos servidores Microsoft Exchange para fazer backdoor deles. Isso pareceu ser feito particularmente em <a href=\"https:\/\/www.nbcnews.com\/tech\/security\/really-messy-hack-microsofts-email-system-getting-worse-rcna377\">antecipa\u00e7\u00e3o<\/a> de um patch da Microsoft.<\/p>\n\n\n\n<p>Em <strong>02 de mar\u00e7o<\/strong>, Microsoft <a href=\"https:\/\/msrc-blog.microsoft.com\/2021\/03\/02\/multiple-security-updates-released-for-exchange-server\/\">liberada<\/a> atualiza\u00e7\u00f5es para corrigir 4 falhas de dia zero na base de c\u00f3digo do Microsoft Exchange Server, ao atribuir um <a href=\"https:\/\/www.microsoft.com\/security\/blog\/2021\/03\/02\/hafnium-targeting-exchange-servers\/\">grupo de hackers conhecido<\/a> com alta confian\u00e7a. Mais tarde, Later <a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/more-hacking-groups-join-microsoft-exchange-attack-frenzy\/\">mais grupos de hackers<\/a> estavam ligados.<\/p>\n\n\n\n<p>Em <strong>05 de mar\u00e7o<\/strong>, um conhecido jornalista de seguran\u00e7a cibern\u00e9tica <a href=\"https:\/\/krebsonsecurity.com\/2021\/03\/at-least-30000-u-s-organizations-newly-hacked-via-holes-in-microsofts-email-software\/\" target=\"_blank\" rel=\"noreferrer noopener\">deu a not\u00edcia<\/a> que pelo menos 30.000 organiza\u00e7\u00f5es nos EUA e milhares em todo o mundo, agora t\u00eam backdoors instalados. Os especialistas em seguran\u00e7a fizeram esfor\u00e7os para notificar as v\u00edtimas, ao mesmo tempo em que destacaram a prepara\u00e7\u00e3o para outra s\u00e9rie de ataques devido a <a href=\"https:\/\/blog.mailfence.com\/pt\/backdoors-criptografia-podem-funcionar\/\">backdoors<\/a> previamente instalados nos servidores afetados.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-situacao-atual-de-hack-do-microsoft-exchange-server\">Situa\u00e7\u00e3o atual de hack do Microsoft Exchange Server<\/h2>\n\n\n\n<p>Em <strong>12 de mar\u00e7o de 2021<\/strong>, Microsoft <a href=\"https:\/\/twitter.com\/briankrebs\/status\/1370565978153684994\">tweeted<\/a> que ainda h\u00e1 82.000 servidores Microsoft Exchange sem patch expostos. No entanto, devido \u00e0 n\u00e3o atualiza\u00e7\u00e3o a tempo, muitos desses servidores continuaram a ser violados. Um n\u00famero de <a href=\"https:\/\/blog.mailfence.com\/pt\/proteger-o-seu-dispositivo-contra-ransomware\/\">ransomware<\/a> foram implantados por atacantes, entretanto, em servidores previamente infectados.<\/p>\n\n\n\n<p>Em <strong>22 de mar\u00e7o,<\/strong> a Microsoft anunciou que em 92% dos servidores Exchange a explora\u00e7\u00e3o foi corrigida ou atenuada.<\/p>\n\n\n\n<p>Como os ataques utilizaram 4 fa\u00e7anhas de dia zero diferentes, encadeando-os para obter acesso de administrador nos servidores afetados, eles foram capazes de instalar backdoors. Portanto, \u00e9 muito importante para cada administrador do Microsoft Exchange Server local, n\u00e3o apenas corrigir, mas tamb\u00e9m corrigir qualquer explora\u00e7\u00e3o ou persist\u00eancia identificada (usando <a href=\"https:\/\/msrc-blog.microsoft.com\/2021\/03\/02\/multiple-security-updates-released-for-exchange-server\/\">diretrizes<\/a> pela Microsoft e outros <a href=\"https:\/\/us-cert.cisa.gov\/ncas\/current-activity\/2021\/03\/06\/microsoft-ioc-detection-tool-exchange-server-vulnerabilities\">independentes IoCs<\/a>).<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-mailfence-nao-foi-impactado\">Mailfence n\u00e3o foi impactado<\/h2>\n\n\n\n<p>Mailfence oferece conectividade de protocolo ActiveSync. Nossa implementa\u00e7\u00e3o do Exchange ActiveSync (EAS) usa <a href=\"https:\/\/docs.microsoft.com\/en-us\/openspecs\/exchange_server_protocols\/ms-oxprotlp\/229f77ea-6518-4fe7-84fe-bd535fc6c32e\">especifica\u00e7\u00f5es Microsoft<\/a> mas \u00e9 um protocolo de sincroniza\u00e7\u00e3o que n\u00e3o tem nada a ver com servidores Exchange. Eles simplesmente compartilham a palavra &#8216;troca&#8217;. N\u00e3o compartilhamos nenhum c\u00f3digo com o Microsoft Exchange Server oferecido no local (ou qualquer um de seus servi\u00e7os). Portanto, nosso servi\u00e7o n\u00e3o foi afetado.<\/p>\n\n\n\n<p>Tamb\u00e9m anunciamos isso usando nosso twitter:<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"559\" height=\"441\" src=\"https:\/\/blog.mailfence.com\/wp-content\/uploads\/2021\/04\/image.png\" alt=\"\" class=\"wp-image-22051\" srcset=\"https:\/\/blog.mailfence.com\/wp-content\/uploads\/2021\/04\/image.png 559w, https:\/\/blog.mailfence.com\/wp-content\/uploads\/2021\/04\/image-300x237.png 300w\" sizes=\"auto, (max-width: 559px) 100vw, 559px\" \/><\/figure>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"561\" height=\"555\" src=\"https:\/\/blog.mailfence.com\/wp-content\/uploads\/2021\/04\/image-1.png\" alt=\"\" class=\"wp-image-22067\" srcset=\"https:\/\/blog.mailfence.com\/wp-content\/uploads\/2021\/04\/image-1.png 561w, https:\/\/blog.mailfence.com\/wp-content\/uploads\/2021\/04\/image-1-300x297.png 300w, https:\/\/blog.mailfence.com\/wp-content\/uploads\/2021\/04\/image-1-80x80.png 80w\" sizes=\"auto, (max-width: 561px) 100vw, 561px\" \/><\/figure>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-prefira-servicos-que-sao-privados-por-design-e-favorecem-a-criptografia\">Prefira servi\u00e7os que s\u00e3o privados por design e favorecem a criptografia<\/h2>\n\n\n\n<p>Mailfence \u00e9 um <a href=\"https:\/\/mailfence.com\/pt\/e-mail-seguro.jsp\">secure<\/a> e <a href=\"https:\/\/mailfence.com\/pt\/e-mail-privado.jsp\">private<\/a> servi\u00e7o de e-mail que <a href=\"https:\/\/blog.mailfence.com\/pt\/seguranca-anonimato-confidencialidade\/\">respeitar a privacidade de dados do usu\u00e1rio<\/a> e ofertas <a href=\"https:\/\/blog.mailfence.com\/pt\/criptografia-e-mail-ponta-a-ponta-como-funciona\/\">end-to-end encryption<\/a> para <a href=\"https:\/\/kb.mailfence.com\/categories\/encryption-and-digital-signatures\/\">e-mails<\/a>. End-to-end encrypted os dados permanecem protegidos mesmo com um servidor comprometido. Planejamos estender esse tipo de criptografia para mensagens de texto simples enviadas \/ recebidas e tamb\u00e9m para o componente Documentos. Tamb\u00e9m planejamos criptografar os dados em repouso no corrente deste ano, o que efetivamente adicionar\u00e1 outra camada de prote\u00e7\u00e3o aos dados dos usu\u00e1rios. Fique atento! Acesse a nossa <a href=\"https:\/\/mailfence.com\/pt\/imprensa.jsp\">p\u00e1gina de imprensa<\/a> para saber mais sobre a Mailfence.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>J\u00e1 se passou mais de um m\u00eas desde que a Microsoft reconheceu pela primeira vez uma viola\u00e7\u00e3o de dados em seu local Microsoft Exchange Server. Os invasores foram capazes de obter privil\u00e9gios de administrator em servidores afetados, acesso a e-mails e senhas de usu\u00e1rios e a dispositivos conectados na mesma rede. V\u00e1rias outras revela\u00e7\u00f5es tamb\u00e9m [&hellip;]<\/p>\n","protected":false},"author":3,"featured_media":85570,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[18582,1379],"tags":[],"class_list":["post-64219","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-noticias-do-mailfence","category-seguranca-de-email"],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v27.4 (Yoast SEO v27.4) - https:\/\/yoast.com\/product\/yoast-seo-premium-wordpress\/ -->\n<title>What happened with the Microsoft Exchange server hack | Mailfence Blog<\/title>\n<meta name=\"description\" content=\"Os servidores Microsoft Exchange foram hackeados revelando informa\u00e7\u00f5es. Mailfence n\u00e3o \u00e9 afetado. Usamos ActiveSync Exchange, n\u00e3o \u00e9 o mesmo\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/blog.mailfence.com\/pt\/analise-hack-microsoft-exchange-server\/\" \/>\n<meta property=\"og:locale\" content=\"pt_BR\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"An\u00e1lise do hack do Microsoft Exchange Server | Mailfence Blog\" \/>\n<meta property=\"og:description\" content=\"An\u00e1lise do hack do Microsoft Exchange Server | Mailfence Blog\" \/>\n<meta property=\"og:url\" content=\"https:\/\/blog.mailfence.com\/pt\/analise-hack-microsoft-exchange-server\/\" \/>\n<meta property=\"og:site_name\" content=\"Mailfence Blog\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/mailfence\/\" \/>\n<meta property=\"article:published_time\" content=\"2021-04-13T14:32:40+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2025-09-16T14:07:26+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/blog.mailfence.com\/wp-content\/uploads\/2021\/04\/43.png\" \/>\n\t<meta property=\"og:image:width\" content=\"600\" \/>\n\t<meta property=\"og:image:height\" content=\"600\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"M Salman Nadeem\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@0xSalman\" \/>\n<meta name=\"twitter:site\" content=\"@mailfence\" \/>\n<meta name=\"twitter:label1\" content=\"Escrito por\" \/>\n\t<meta name=\"twitter:data1\" content=\"M Salman Nadeem\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. tempo de leitura\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutos\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"TechArticle\",\"@id\":\"https:\\\/\\\/blog.mailfence.com\\\/pt\\\/analise-hack-microsoft-exchange-server\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/blog.mailfence.com\\\/pt\\\/analise-hack-microsoft-exchange-server\\\/\"},\"author\":{\"name\":\"M Salman Nadeem\",\"@id\":\"https:\\\/\\\/blog.mailfence.com\\\/pt\\\/#\\\/schema\\\/person\\\/0a1800f7a6842b23ccef1107cec8c962\"},\"headline\":\"An\u00e1lise do hack do Microsoft Exchange Server\",\"datePublished\":\"2021-04-13T14:32:40+00:00\",\"dateModified\":\"2025-09-16T14:07:26+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/blog.mailfence.com\\\/pt\\\/analise-hack-microsoft-exchange-server\\\/\"},\"wordCount\":613,\"publisher\":{\"@id\":\"https:\\\/\\\/blog.mailfence.com\\\/pt\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/blog.mailfence.com\\\/pt\\\/analise-hack-microsoft-exchange-server\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/blog.mailfence.com\\\/wp-content\\\/uploads\\\/2021\\\/04\\\/43.png\",\"articleSection\":[\"Not\u00edcias do Mailfence\",\"Seguran\u00e7a de e-mail\"],\"inLanguage\":\"pt-BR\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/blog.mailfence.com\\\/pt\\\/analise-hack-microsoft-exchange-server\\\/\",\"url\":\"https:\\\/\\\/blog.mailfence.com\\\/pt\\\/analise-hack-microsoft-exchange-server\\\/\",\"name\":\"What happened with the Microsoft Exchange server hack | Mailfence Blog\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/blog.mailfence.com\\\/pt\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/blog.mailfence.com\\\/pt\\\/analise-hack-microsoft-exchange-server\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/blog.mailfence.com\\\/pt\\\/analise-hack-microsoft-exchange-server\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/blog.mailfence.com\\\/wp-content\\\/uploads\\\/2021\\\/04\\\/43.png\",\"datePublished\":\"2021-04-13T14:32:40+00:00\",\"dateModified\":\"2025-09-16T14:07:26+00:00\",\"description\":\"Os servidores Microsoft Exchange foram hackeados revelando informa\u00e7\u00f5es. Mailfence n\u00e3o \u00e9 afetado. Usamos ActiveSync Exchange, n\u00e3o \u00e9 o mesmo\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/blog.mailfence.com\\\/pt\\\/analise-hack-microsoft-exchange-server\\\/#breadcrumb\"},\"inLanguage\":\"pt-BR\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/blog.mailfence.com\\\/pt\\\/analise-hack-microsoft-exchange-server\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"pt-BR\",\"@id\":\"https:\\\/\\\/blog.mailfence.com\\\/pt\\\/analise-hack-microsoft-exchange-server\\\/#primaryimage\",\"url\":\"https:\\\/\\\/blog.mailfence.com\\\/wp-content\\\/uploads\\\/2021\\\/04\\\/43.png\",\"contentUrl\":\"https:\\\/\\\/blog.mailfence.com\\\/wp-content\\\/uploads\\\/2021\\\/04\\\/43.png\",\"width\":600,\"height\":600,\"caption\":\"dhfhfhg\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/blog.mailfence.com\\\/pt\\\/analise-hack-microsoft-exchange-server\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Homepage\",\"item\":\"https:\\\/\\\/blog.mailfence.com\\\/pt\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Seguran\u00e7a de e-mail\",\"item\":\"https:\\\/\\\/blog.mailfence.com\\\/pt\\\/category\\\/seguranca-de-email\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"An\u00e1lise do hack do Microsoft Exchange Server\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/blog.mailfence.com\\\/pt\\\/#website\",\"url\":\"https:\\\/\\\/blog.mailfence.com\\\/pt\\\/\",\"name\":\"Mailfence Blog\",\"description\":\"Mailfence Blog. Get the latest news about secure email and Internet privacy.\",\"publisher\":{\"@id\":\"https:\\\/\\\/blog.mailfence.com\\\/pt\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/blog.mailfence.com\\\/pt\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"pt-BR\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/blog.mailfence.com\\\/pt\\\/#organization\",\"name\":\"Mailfence\",\"url\":\"https:\\\/\\\/blog.mailfence.com\\\/pt\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"pt-BR\",\"@id\":\"https:\\\/\\\/blog.mailfence.com\\\/pt\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/blog.mailfence.com\\\/wp-content\\\/uploads\\\/2022\\\/08\\\/Mailfence_logo_pict_and_word_BOUNDED_small.png\",\"contentUrl\":\"https:\\\/\\\/blog.mailfence.com\\\/wp-content\\\/uploads\\\/2022\\\/08\\\/Mailfence_logo_pict_and_word_BOUNDED_small.png\",\"width\":1812,\"height\":358,\"caption\":\"Mailfence\"},\"image\":{\"@id\":\"https:\\\/\\\/blog.mailfence.com\\\/pt\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/www.facebook.com\\\/mailfence\\\/\",\"https:\\\/\\\/x.com\\\/mailfence\",\"https:\\\/\\\/www.reddit.com\\\/r\\\/Mailfence\\\/\",\"https:\\\/\\\/www.linkedin.com\\\/company\\\/mailfence\",\"https:\\\/\\\/www.instagram.com\\\/mailfence_\\\/\",\"https:\\\/\\\/www.youtube.com\\\/@mailfence\",\"https:\\\/\\\/en.wikipedia.org\\\/wiki\\\/Mailfence\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/blog.mailfence.com\\\/pt\\\/#\\\/schema\\\/person\\\/0a1800f7a6842b23ccef1107cec8c962\",\"name\":\"M Salman Nadeem\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"pt-BR\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/b713e04b38c2f304dd32931299f537e1085a85b9d80a5a1d2b27063338033e41?s=96&d=blank&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/b713e04b38c2f304dd32931299f537e1085a85b9d80a5a1d2b27063338033e41?s=96&d=blank&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/b713e04b38c2f304dd32931299f537e1085a85b9d80a5a1d2b27063338033e41?s=96&d=blank&r=g\",\"caption\":\"M Salman Nadeem\"},\"description\":\"Salman works as an Information Security Analyst for Mailfence. His areas of interest include cryptography, security architecture and design, access control, and operations security. You can follow him on LinkedIn @mohammadsalmannadeem.\",\"sameAs\":[\"www.linkedin.com\\\/in\\\/mohammadsalmannadeem\",\"https:\\\/\\\/x.com\\\/0xSalman\"],\"url\":\"https:\\\/\\\/blog.mailfence.com\\\/pt\\\/author\\\/msalman\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"What happened with the Microsoft Exchange server hack | Mailfence Blog","description":"Os servidores Microsoft Exchange foram hackeados revelando informa\u00e7\u00f5es. Mailfence n\u00e3o \u00e9 afetado. Usamos ActiveSync Exchange, n\u00e3o \u00e9 o mesmo","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/blog.mailfence.com\/pt\/analise-hack-microsoft-exchange-server\/","og_locale":"pt_BR","og_type":"article","og_title":"An\u00e1lise do hack do Microsoft Exchange Server | Mailfence Blog","og_description":"An\u00e1lise do hack do Microsoft Exchange Server | Mailfence Blog","og_url":"https:\/\/blog.mailfence.com\/pt\/analise-hack-microsoft-exchange-server\/","og_site_name":"Mailfence Blog","article_publisher":"https:\/\/www.facebook.com\/mailfence\/","article_published_time":"2021-04-13T14:32:40+00:00","article_modified_time":"2025-09-16T14:07:26+00:00","og_image":[{"width":600,"height":600,"url":"https:\/\/blog.mailfence.com\/wp-content\/uploads\/2021\/04\/43.png","type":"image\/png"}],"author":"M Salman Nadeem","twitter_card":"summary_large_image","twitter_creator":"@0xSalman","twitter_site":"@mailfence","twitter_misc":{"Escrito por":"M Salman Nadeem","Est. tempo de leitura":"4 minutos"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"TechArticle","@id":"https:\/\/blog.mailfence.com\/pt\/analise-hack-microsoft-exchange-server\/#article","isPartOf":{"@id":"https:\/\/blog.mailfence.com\/pt\/analise-hack-microsoft-exchange-server\/"},"author":{"name":"M Salman Nadeem","@id":"https:\/\/blog.mailfence.com\/pt\/#\/schema\/person\/0a1800f7a6842b23ccef1107cec8c962"},"headline":"An\u00e1lise do hack do Microsoft Exchange Server","datePublished":"2021-04-13T14:32:40+00:00","dateModified":"2025-09-16T14:07:26+00:00","mainEntityOfPage":{"@id":"https:\/\/blog.mailfence.com\/pt\/analise-hack-microsoft-exchange-server\/"},"wordCount":613,"publisher":{"@id":"https:\/\/blog.mailfence.com\/pt\/#organization"},"image":{"@id":"https:\/\/blog.mailfence.com\/pt\/analise-hack-microsoft-exchange-server\/#primaryimage"},"thumbnailUrl":"https:\/\/blog.mailfence.com\/wp-content\/uploads\/2021\/04\/43.png","articleSection":["Not\u00edcias do Mailfence","Seguran\u00e7a de e-mail"],"inLanguage":"pt-BR"},{"@type":"WebPage","@id":"https:\/\/blog.mailfence.com\/pt\/analise-hack-microsoft-exchange-server\/","url":"https:\/\/blog.mailfence.com\/pt\/analise-hack-microsoft-exchange-server\/","name":"What happened with the Microsoft Exchange server hack | Mailfence Blog","isPartOf":{"@id":"https:\/\/blog.mailfence.com\/pt\/#website"},"primaryImageOfPage":{"@id":"https:\/\/blog.mailfence.com\/pt\/analise-hack-microsoft-exchange-server\/#primaryimage"},"image":{"@id":"https:\/\/blog.mailfence.com\/pt\/analise-hack-microsoft-exchange-server\/#primaryimage"},"thumbnailUrl":"https:\/\/blog.mailfence.com\/wp-content\/uploads\/2021\/04\/43.png","datePublished":"2021-04-13T14:32:40+00:00","dateModified":"2025-09-16T14:07:26+00:00","description":"Os servidores Microsoft Exchange foram hackeados revelando informa\u00e7\u00f5es. Mailfence n\u00e3o \u00e9 afetado. Usamos ActiveSync Exchange, n\u00e3o \u00e9 o mesmo","breadcrumb":{"@id":"https:\/\/blog.mailfence.com\/pt\/analise-hack-microsoft-exchange-server\/#breadcrumb"},"inLanguage":"pt-BR","potentialAction":[{"@type":"ReadAction","target":["https:\/\/blog.mailfence.com\/pt\/analise-hack-microsoft-exchange-server\/"]}]},{"@type":"ImageObject","inLanguage":"pt-BR","@id":"https:\/\/blog.mailfence.com\/pt\/analise-hack-microsoft-exchange-server\/#primaryimage","url":"https:\/\/blog.mailfence.com\/wp-content\/uploads\/2021\/04\/43.png","contentUrl":"https:\/\/blog.mailfence.com\/wp-content\/uploads\/2021\/04\/43.png","width":600,"height":600,"caption":"dhfhfhg"},{"@type":"BreadcrumbList","@id":"https:\/\/blog.mailfence.com\/pt\/analise-hack-microsoft-exchange-server\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Homepage","item":"https:\/\/blog.mailfence.com\/pt\/"},{"@type":"ListItem","position":2,"name":"Seguran\u00e7a de e-mail","item":"https:\/\/blog.mailfence.com\/pt\/category\/seguranca-de-email\/"},{"@type":"ListItem","position":3,"name":"An\u00e1lise do hack do Microsoft Exchange Server"}]},{"@type":"WebSite","@id":"https:\/\/blog.mailfence.com\/pt\/#website","url":"https:\/\/blog.mailfence.com\/pt\/","name":"Mailfence Blog","description":"Mailfence Blog. Get the latest news about secure email and Internet privacy.","publisher":{"@id":"https:\/\/blog.mailfence.com\/pt\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/blog.mailfence.com\/pt\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"pt-BR"},{"@type":"Organization","@id":"https:\/\/blog.mailfence.com\/pt\/#organization","name":"Mailfence","url":"https:\/\/blog.mailfence.com\/pt\/","logo":{"@type":"ImageObject","inLanguage":"pt-BR","@id":"https:\/\/blog.mailfence.com\/pt\/#\/schema\/logo\/image\/","url":"https:\/\/blog.mailfence.com\/wp-content\/uploads\/2022\/08\/Mailfence_logo_pict_and_word_BOUNDED_small.png","contentUrl":"https:\/\/blog.mailfence.com\/wp-content\/uploads\/2022\/08\/Mailfence_logo_pict_and_word_BOUNDED_small.png","width":1812,"height":358,"caption":"Mailfence"},"image":{"@id":"https:\/\/blog.mailfence.com\/pt\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/mailfence\/","https:\/\/x.com\/mailfence","https:\/\/www.reddit.com\/r\/Mailfence\/","https:\/\/www.linkedin.com\/company\/mailfence","https:\/\/www.instagram.com\/mailfence_\/","https:\/\/www.youtube.com\/@mailfence","https:\/\/en.wikipedia.org\/wiki\/Mailfence"]},{"@type":"Person","@id":"https:\/\/blog.mailfence.com\/pt\/#\/schema\/person\/0a1800f7a6842b23ccef1107cec8c962","name":"M Salman Nadeem","image":{"@type":"ImageObject","inLanguage":"pt-BR","@id":"https:\/\/secure.gravatar.com\/avatar\/b713e04b38c2f304dd32931299f537e1085a85b9d80a5a1d2b27063338033e41?s=96&d=blank&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/b713e04b38c2f304dd32931299f537e1085a85b9d80a5a1d2b27063338033e41?s=96&d=blank&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/b713e04b38c2f304dd32931299f537e1085a85b9d80a5a1d2b27063338033e41?s=96&d=blank&r=g","caption":"M Salman Nadeem"},"description":"Salman works as an Information Security Analyst for Mailfence. His areas of interest include cryptography, security architecture and design, access control, and operations security. You can follow him on LinkedIn @mohammadsalmannadeem.","sameAs":["www.linkedin.com\/in\/mohammadsalmannadeem","https:\/\/x.com\/0xSalman"],"url":"https:\/\/blog.mailfence.com\/pt\/author\/msalman\/"}]}},"_links":{"self":[{"href":"https:\/\/blog.mailfence.com\/pt\/wp-json\/wp\/v2\/posts\/64219","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blog.mailfence.com\/pt\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.mailfence.com\/pt\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.mailfence.com\/pt\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.mailfence.com\/pt\/wp-json\/wp\/v2\/comments?post=64219"}],"version-history":[{"count":8,"href":"https:\/\/blog.mailfence.com\/pt\/wp-json\/wp\/v2\/posts\/64219\/revisions"}],"predecessor-version":[{"id":103188,"href":"https:\/\/blog.mailfence.com\/pt\/wp-json\/wp\/v2\/posts\/64219\/revisions\/103188"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/blog.mailfence.com\/pt\/wp-json\/wp\/v2\/media\/85570"}],"wp:attachment":[{"href":"https:\/\/blog.mailfence.com\/pt\/wp-json\/wp\/v2\/media?parent=64219"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.mailfence.com\/pt\/wp-json\/wp\/v2\/categories?post=64219"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.mailfence.com\/pt\/wp-json\/wp\/v2\/tags?post=64219"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}