Security News > 2022 > January > Microsoft: Fake ransomware targets Ukraine in data-wiping attacks
Microsoft is warning of destructive data-wiping malware disguised as ransomware being used in attacks against multiple organizations in Ukraine.
Starting January 13th, Microsoft detected the new attacks that combined a destructive MBRLocker with a data-corrupting malware used to destroy the victim's data intentionally.
With the geopolitical tensions escalating in the region between Russia and Ukraine, it is believed that these attacks are designed to sow chaos in Ukraine.
While NotPetya was based on real ransomware known as Petya, the NotPetya attacks were conducted as a cyberweapon against Ukraine rather than to generate payments.
Threat actors who have reviewed the published data say it is unrelated to Ukraine government agencies and contains data from an old leak.
Ukraine has attributed the attacks to Russia, with the goal of undermining the confidence in the Ukrainian government.
News URL
Related news
- Microsoft Identifies Storm-0501 as Major Threat in Hybrid Cloud Ransomware Attacks (source)
- Microsoft: Ransomware Attacks Growing More Dangerous, Complex (source)
- Microsoft patches Windows zero-day exploited in attacks on Ukraine (source)
- Ransomware gang using stolen Microsoft Entra ID creds to bust into the cloud (source)
- Embargo ransomware escalates attacks to cloud environments (source)
- Ransomware attackers hop from on-premises systems to cloud to compromise Microsoft 365 accounts (source)
- JPCERT shares Windows Event Log tips to detect ransomware attacks (source)
- Ransomware attack forces UMC Health System to divert some patients (source)
- DOJ, Microsoft seize 107 domains used in Russia's Star Blizzard phishing attacks (source)
- Microsoft and DOJ disrupt Russian FSB hackers' attack infrastructure (source)