Attackers Use Malicious IIS Extensions to Deploy Covert Backdoors into Exchange Servers

As opposed to web shells, malicious extensions for the IIS web server have a lower detection rate, which means attackers are increasingly using them to backdoor unpatched Exchange servers. Since they can be hidden deep within a compromised server, and are often very difficult to detect.

Read full article on GBHackers