New: Threat Exposure Validation Impact Report 2025
Learn More
Join our Summer Webinar Series on Threat Exposure Validation
Register Now
Meet the team at Infosecurity Europe 2025
Book a Meeting

Proxy Exploit Chains Used To Attack Exchange Servers

February 8, 2023

The ProxyLogon, ProxyShell, ProxyNotShell, and OWASSRF exploit chains were used to attack Microsoft Exchange servers across a range of sectors including real estate, law firms, manufacturing, consulting, wholesale, and arts and entertainment. Exploitation of the flaws resulted in systems infected with web shells, ransomware, remote access tools, and backdoors. Multiple legitimate Windows binaries were used to carry out the attacks including PowerShell, Rundll32, Ping, and Net.