GhostContainer backdoor: malware compromising Exchange servers of high-value organizations in Asia

Security Update News

Update Information

Title: GhostContainer backdoor: malware compromising Exchange servers of high-value organizations in Asia
Update ID: SECURELIST:0FC93CDDAFE08B5CA2D9B1E7818BBCF2
Type: securelist
Published: 2025-07-17T08:00:53
Last Updated: 2025-07-17T08:00:53

Security Impact

CVSS Score: 9.0
Severity: HIGH

AI Analysis

AI Description: GhostContainer is a sophisticated backdoor malware targeting Microsoft Exchange servers, enabling attackers to execute commands, download files, and establish proxy connections. It uses multiple open-source projects to enhance its functionality and evade detection. This malware is part of an APT campaign targeting high-value organizations in Asia.
AI Severity: Critical
AI Vendor: Microsoft
AI Product: Microsoft Exchange Server
AI Version: 2010, 2013, 2016, 2019

Affected CVEs

  • CVE-2020-0688
