Security News > 2022 > January > Microsoft: Fake ransomware targets Ukraine in data-wiping attacks
Microsoft is warning of destructive data-wiping malware disguised as ransomware being used in attacks against multiple organizations in Ukraine.
Starting January 13th, Microsoft detected the new attacks that combined a destructive MBRLocker with a data-corrupting malware used to destroy the victim's data intentionally.
With the geopolitical tensions escalating in the region between Russia and Ukraine, it is believed that these attacks are designed to sow chaos in Ukraine.
While NotPetya was based on real ransomware known as Petya, the NotPetya attacks were conducted as a cyberweapon against Ukraine rather than to generate payments.
Threat actors who have reviewed the published data say it is unrelated to Ukraine government agencies and contains data from an old leak.
Ukraine has attributed the attacks to Russia, with the goal of undermining the confidence in the Ukrainian government.
News URL
Related news
- Microsoft patches Windows zero-day exploited in attacks on Ukraine (source)
- Halliburton reports $35 million loss after ransomware attack (source)
- New Ymir ransomware partners with RustyStealer in attacks (source)
- New Ymir Ransomware Exploits Memory for Stealthy Attacks; Targets Corporate Networks (source)
- New 'Helldown' Ransomware Variant Expands Attacks to VMware and Linux Systems (source)
- Five backup lessons learned from the UnitedHealth ransomware attack (source)
- Mega US healthcare payments network restores system 9 months after ransomware attack (source)
- SafePay ransomware gang claims Microlise attack that disrupted prison van tracking (source)
- Blue Yonder ransomware attack disrupts grocery store supply chain (source)
- Starbucks, grocery stores impacted by Blue Yonder ransomware attack (source)