On June 5, a vulnerability named ‘Return of the WIZard’ was publicly disclosed that rendered Exim servers, which run 57% of the internet’s email servers, vulnerable to attack. The vulnerability allows remotely located hackers to send malicious emails to Exim servers and use that entry point to run malicious code under the Exim process’ access level. In short? Everyone using an email that runs on an Exim server was vulnerable.
Exim attacks
Sure enough, just a few days later a barrage of attacks began on Exim servers. There are currently between 500,000 and 5.4 million Exim servers installed across the internet. For hackers, that represents a treasure trove of information. If they can hack into those servers, they’ll find users’ naked data, exposed and exploitable.
Just a little over a year earlier, in March 2018, a separate vulnerability had been discovered in Exim that allowed attackers to remotely run arbitrary code without authentication. That was patched, but as the June 2019 vulnerability showed, fixing one vulnerability only buys servers a bit of time before the next vulnerability comes to light. Companies can try to make servers’ protections as robust as possible, but hackers are smart and will find a way around them. It’s only a matter of time.
Vulnerabilities aren’t just a concern for young programs, and they’re not something programs age out of. Even Microsoft, a sophisticated organization, with as mature a product as Windows, continues to discover new vulnerabilities on an alarmingly regular basis. There are so many vulnerabilities constantly being discovered that Microsoft has to release monthly product updates with fixes.
It’s high time that we learn our lesson. Servers cannot be trusted. Every time a new vulnerability comes to light and a new fix is developed to patch it over, all that fix is doing is sticking a bit of duct tape on a porous tank. It’s not a question of if the next leak will happen, it’s a question of when. Don’t wait for drastic consequences to motivate you to secure your data.
If you want to be sure that you won’t be a victim of the next vulnerability, end-to-end encrypted email is your only option. PreVeil uses externally vetted techniques to make sure that even if an attacker gets to data stored in PreVeil, all they’ll see is gibberish. You’ll be safe.
It can feel like we’re banging on about the same stuff incessantly, but the fact is that it matters. A Reuters Investigation into what rendered major American companies, from Hewlett Packard Enterprise to IBM to the builder of American’s nuclear submarines, vulnerable to attack by Chinese ‘Cloud Hopper’ hackers showed that it’s the same things PreVeil has been built to avoid.
First, Cloud Hopper hackers used malware and phishing emails to create an entrypoint to work from. PreVeil has Trusted Communities so that members of an organization can communicate only with people they know, eliminating the risk of opening malicious emails from outside groups.
Anatomy of Cloud Hopper Attack

Anatomy of Cloud Hopper Attack – Reuters
Second, one way in which Cloud Hopper hackers gained access was by tricking account holders to give up their passwords. PreVeil uses encrypted key pairs instead of passwords. Short of handing over your physical device to a hacker, you can’t accidentally compromise your own security.
Third, Cloud Hopper hackers achieved access to companies by using admins as a springboard to all the data they manage. PreVeil has Approval Groups, so a single compromised user won’t bring down your entire organization. There are no central accounts to target, because there are no admins who can unilaterally grant access.
Fourth, if a hacker does manage to breach the PreVeil server, all they’ll see is gibberish. At no point in the transfer or storage of information is your data ever decrypted, other than on your and your conversation partner’s physical devices.
It’s simple and it’s important. Protect your data. Learn more about how PreVeil keeps your data safe and sign up for your free end-to-end encrypted email account at preveil.com/download.