China-based government hackers have exploited a bug in Microsoft’s email server software to target U.S. organizations, the company said Tuesday.
Microsoft
MSFT,
-1.30%
said that a “highly skilled and sophisticated” state-sponsored group operating from China has been trying to steal information from a number of American targets, including universities, defense contractors, law firms and infectious-disease researchers.
Microsoft said it has released security upgrades to fix the vulnerabilities to its Exchange Server software, which is used for work email and calendar services, mostly for larger organizations that have their own in-person email servers. It doesn’t affect personal email accounts or Microsoft’s cloud-based services.
The company said the hacking group it calls Hafnium was able to trick Exchange servers into allowing it to gain access. The hackers then masqueraded as someone who should have access and created a way to control the server remotely so that they could steal data from an organization’s network.
Microsoft said the group is based in China but operates from leased virtual private servers in the U.S., which helps it avoid detection.
The company declined to name any specific targets or say how many organizations were affected.
Reston, Virginia-based cybersecurity firm Volexity, which Microsoft credits for helping to detect the intrusions, said its network security monitoring service began picking up on a suspiciously large data transfer in late January.
“They’re just downloading email, literally going to town,” said Steven Adair, Volexity’s president, who said the targets have included “defense contractors, international aid and development organizations, the NGO think-tank community.”
Adair said he’s concerned that the hackers are going to accelerate their activity in the coming days before organizations are able to install Microsoft’s security upgrades.
“As bad as it is now, I think it’s about to get a lot worse,” he said. “This gives them a limited amount of opportunity to go and exploit something. The patch isn’t going to fix that if they left their backdoor behind.”
BRUSSELS—The European Union will impose fresh sanctions on Russian officials over the jailing of opposition leader Alexei Navalny and will move ahead with measures to challenge Beijing over its crackdown in Hong Kong, signaling a shift in the bloc’s position on the two countries toward the U.S.’s.
EU foreign policy chief Josep Borrell said Monday evening he will propose a list of Russian officials to be hit with asset freezes and travel bans over the Navalny case. Speaking after a meeting of EU foreign ministers, he said he hopes the list will be approved within a week.
The sanctions will target “those responsible for his arrest, sentencing and persecution,” Mr. Borrell said in a press conference. Two diplomats said they expected the EU to sanction around half a dozen people.
It will be the first use of the EU’s new human-rights sanctions framework, similar to the U.S. Magnitsky Act.
The EU decision came as foreign ministers held a two-hour videoconference with U.S. Secretary of State Antony Blinken. Discussions touched on a range of subjects from the Biden administration’s goal of working with European allies on challenges from Russia and China to the Iranian nuclear deal.
WASHINGTON—One of the largest makers of voting machines in the U.S. on Monday sued a prominent supporter of former President Donald Trump, alleging that the businessman had defamed the company with false accusations that it had rigged the 2020 election for Joe Biden.
Dominion Voting Systems sued Mike Lindell, chief executive of Minnesota-based MyPillow Inc., and his company in the U.S. District Court for the District of Columbia, seeking more than $1.3 billion in damages.
In its complaint, the company cites a number of statements made by Mr. Lindell, including in media appearances, social-media posts, and a two-hour film claiming to prove widespread election fraud. Mr. Lindell said he helped produce the film, which he released online in early February.
The complaint alleges that Mr. Lindell made false claims about the integrity of Dominion’s voting machines and that he knew no credible evidence supported his claims that the company had stolen the election from Mr. Trump—what Dominion has called the “Big Lie.”
“He is well aware of the independent audits and paper ballot recounts conclusively disproving the Big Lie,” the complaint states. “But Lindell…sells the lie to this day because the lie sells pillows.”
A hacker claims to have stolen files belonging to the global law firm Jones Day and posted many of them on the dark web.
Jones Day has many prominent clients, including former President Donald Trump and major corporations.
Jones Day, in a statement, disputed that its network has been breached. The statement said that a file-sharing company that it has used was recently compromised and had information taken. Jones Day said it continues to investigate the breach and will continue to be in discussion with affected clients and appropriate authorities.
The posting by a person who self-identified as the hacker, which goes by the name Clop, includes a few individual documents that are easily reviewed by the public, including by The Wall Street Journal. One memo is to a judge and is marked “confidential mediation brief,” another is a cover letter for enclosed “confidential documents.” The Journal couldn’t immediately confirm their authenticity.
The Journal was able to see the existence of many more files—mammoth in size—also purported to belong to Jones Day, posted by the hacker on the so-called dark web. Hackers typically post such stolen information after the hacked entity fails to pay a ransom. The Journal was able to contact the hacker using an email on its blog.
Several alleged members of the far-right Proud Boys were arrested Thursday on conspiracy and other charges for their alleged involvement in the U.S. Capitol riot, as prosecutors continue to home in on far-right groups and examine what planning might have gone into the attack.
Kansas resident William Chrestman and four others were arrested in Missouri and Arizona, authorities said, describing in two complaints allegations that the five people coordinated their efforts to advance together onto the Capitol grounds, dressed in tactical gear bearing strips of orange tape.
According to several of Mr. Chrestman’s friends and former classmates, he grew up in California, developing more radical views in recent years. They said that before his Facebook page was deleted he posted conspiracy theories there about vaccines and QAnon, and engaged with people in heated online debates.
Affidavits for the arrest of the five people said they marched as a group with other known members of the Proud Boys, which describes itself as an organization for “Western chauvinists.” Several of those members have been previously arrested on similar charges, and, according to the affidavits, worked to prevent law enforcement from securing the area.
Since the riot on Jan. 6, more than 200 participants have been arrested on charges ranging from unlawful entry of a restricted building to assaulting federal officers. Prosecutors have also focused more specifically on alleged members of the Proud Boys and several militia groups including the Oath Keepers, building cases that accuse small subsets of the larger group of rioters of coordinating their actions and planning the assault in advance.
An executive at Tencent Holdings Ltd. , China’s most valuable publicly listed company, has been held by Chinese authorities, part of a probe into a high-profile corruption case involving one of the country’s former top law-enforcement officials, people familiar with the matter said.
Zhang Feng has been under investigation by China’s antigraft inspector since early last year for alleged unauthorized sharing of personal data collected by Tencent’s social-media app WeChat, the people said. They said Mr. Zhang was suspected of turning over WeChat data to former Vice Public Security Minister Sun Lijun, who is being investigated by Beijing for undisclosed violations of Communist Party rules.
Investigators are looking at what type of data Mr. Zhang allegedly might have shared with Mr. Sun and what Mr. Sun might have done with it, the people said.
Hong Kong-listed Tencent, which has a market capitalization of about $900 billion, confirmed Thursday that Mr. Zhang is under investigation. The case “relates to allegations of personal corruption and has no relation to WeChat or Weixin,” a spokesman said in a statement to The Wall Street Journal. Weixin is WeChat’s sister app for the Chinese market.
Mr. Zhang was referred to as a Tencent vice president in a statement released by the municipal government of Zhangjiakou, a city near Beijing, in which he was described as having met the city’s mayor in October 2018.
agreed Thursday to pay $7 billion in compensation to the state of Minas Gerais where the collapse of its dam two years ago killed 270 people, polluted rivers and obliterated the surrounding landscape.
The settlement, the biggest in Brazilian legal history, is a watershed moment for a country long hampered by impunity and where miners and big businesses have often exerted more power than the state, especially in rural areas.
Public prosecutors said the $7 billion agreement is meant to compensate the state for the socioeconomic and environmental damage caused by the disaster. But it doesn’t affect the many pending homicide and other criminal charges in the case against the world’s largest iron-ore miner and former executives, including Vale’s previous chief executive,
Fabio Schvartsman.
The attorney general of Minas Gerais state,
Jarbas Soares Júnior,
said he hoped the size of Thursday’s settlement would send a message to the rest of the world: “We will not accept the exploitation of our resources without a minimum level of commitment to social and environmental responsibility.”
Vale accepted the decision and said it would book an additional expense of about $3.7 billion in its 2020 results.
“Vale is committed to fully repair and compensate the damage caused by the tragedy in Brumadinho and to increasingly contribute to the improvement and development of the communities in which we operate,” CEO
Eduardo Bartolomeo
said. “We know that we have work to do and we remain firm in that purpose.”
Vale’s investors welcomed the settlement as a way to avoid a drawn-out court battle, as did public prosecutors who cited other lawsuits over environmental problems in the state that haven’t been resolved after nearly 20 years.
The miner’s shares, which have increased about 60% in value since the dam collapsed, initially rose after news of the settlement, signaling investors’ hopes that the company can finally move past the disaster.
“Vale was able to get a discount of about one-third based on what the state government was asking, so they were skillful in this negotiation,” said
Ilan Arbetman,
an equities analyst at the Brazilian brokerage Ativa Investimentos. The miner has already provisioned a big part of the agreed value and is benefiting from high iron-ore prices, he said.
When Vale’s dam burst near the town of Brumadinho in January 2019, it unleashed a tsunami of mining waste speeding down the valley at up to 50 miles an hour, wiping out the on-site canteen where many workers were at lunch and destroying nearby homes and a guesthouse.
Two years later, the bodies of 11 victims still haven’t been found.
The collapse, one of the deadliest anywhere in the world, came only three years after a dam at another iron-ore mine jointly owned by Vale ruptured 100 miles away in the town of Mariana, killing 19 people and polluting more than 400 miles of river. The company vowed at the time that such a disaster would never happen again.
The settlement funds will be spent on environmental projects and shoring up local water supplies as well as improving transport networks and health services. The agreement also includes Vale’s initial costs in the aftermath of the disaster, when the company paid for temporary housing, mental-health professionals and emergency monthly stipends for residents.
Suicides and attempted suicides in Brumadinho soared in the year following the collapse, particularly among women. Some lost their husbands, sons and fathers at the mine, one of the region’s biggest employers, and were forced to wait months for rescue workers to recover the remains of their loved ones from the hardened mud.
Following the Mariana collapse in 2015, Vale and its partner at that dam,
BHP Group Ltd.
, created the Renova Foundation to manage compensation, which said it had paid out about $2.1 billion as of December last year. Prosecutors have said they believe that the second dam collapse in 2019 might not have occurred if Vale and BHP had faced tougher consequences for the first one.
In January last year, Brazilian prosecutors charged former Vale CEO Mr. Schvartsman and 10 others from the mining company with homicide. They also filed homicide charges against five people at Germany’s TÜV SÜD, the auditing company that certified the mine-waste dam as safe months before it ruptured.
All 16 people, including several high-level executives and directors at Vale, were also charged with environmental crimes, as were both companies as entities. Those charges are still being disputed in Brazil’s court system.
Prosecutors said last year it was clear that the dam had presented a critical structural risk since at least 2017 and that Vale had been fully aware of its safety problems. The German inspector certified the dam as safe despite also knowing about its structural problems, eyeing a chance to win multiple contracts with Vale and expand its Brazilian operations, they said.
As part of a year-long investigation into the disaster, The Wall Street Journal first reported in February 2019 the conflict of interest between Vale and TÜV SÜD, which worked as both an internal consultant and an independent safety evaluator for the miner.
A spokeswoman for Vale said Thursday that the miner wasn’t aware of an imminent risk at the dam. TÜV SÜD said it reiterated its commitment to “see the facts of the dam’s collapse clarified,” adding that it was cooperating with authorities. Mr. Schvartsman and the individuals facing criminal charges have denied wrongdoing in the case.
In recent years, Brazil’s public prosecutors have battled big companies with little success. After an oil spill off the coast of Rio de Janeiro in 2011, prosecutors filed lawsuits against
Chevron Corp.
for more than $7 billion. Two years later, they settled with the U.S. oil giant for $55 million.
Write to Samantha Pearson at samantha.pearson@wsj.com and Jeffrey T. Lewis at jeffrey.lewis@wsj.com
Leon Black plans to step down as chief executive of Apollo Global Management Inc. after an independent review revealed larger-than-expected payments to disgraced financier Jeffrey Epstein that it nevertheless deemed justified.
The monthslong review by Dechert LLP found no evidence that Mr. Black was involved in the criminal activities of the late Epstein, who was indicted in 2019 on federal sex-trafficking charges involving underage girls, according to a copy of the law firm’s report that was viewed by The Wall Street Journal.
In its report, Dechert found the fees that the billionaire had paid Epstein were for legitimate advice on trust- and estate-tax planning that proved to be of significant value to Mr. Black and his family. Mr. Black paid Epstein a total of $148 million, plus a $10 million donation to his charity—far more than was previously known.
Mr. Black wrote in a letter to Apollo’s fund investors that he would cede the role of CEO to co-founder Marc Rowan on or before his 70th birthday on July 31 while retaining the role of chairman. In the letter, a copy of which was viewed by the Journal, Mr. Black detailed other governance changes he is recommending to the board, including the appointment of more independent directors and the elimination of Apollo’s dual-class share structure.
Mr. Black also pledged to donate $200 million of his family’s money to women’s initiatives.
MOSCOW—The protests that swept Russia this weekend in support of jailed opposition leader Alexei Navalny show the challenge President Vladimir Putin faces in managing social discontent ahead of parliamentary elections this year.
Saturday’s unsanctioned rallies were among the largest in recent years and saw tens of thousands of people brave freezing temperatures, the threat of the pandemic and the possibility of incarceration. Security forces detained more than 3,500 people—the largest number in at least nine years, according to independent monitors.
The protests have left the Kremlin facing a dilemma: Either bow to the pressure from the street and undermine its own authority by releasing Mr. Navalny or risk inciting more backlash and unifying the opposition by keeping him behind bars.
“There are few good options for Putin,” said Abbas Gallyamov, a Moscow-based political consultant and former speechwriter for Mr. Putin. “It seems like Navalny is attacking and the Kremlin is defending.”
Mr. Putin’s approval ratings have swooned in recent years amid a sluggish economy and protest activity. Observers say the Navalny demonstrations, if sustained, could pose a threat to Mr. Putin’s dominance despite constitutional changes approved last year that could allow him to stay in power until 2036.