Security News > 2022 > January > Microsoft: Fake ransomware targets Ukraine in data-wiping attacks
Microsoft is warning of destructive data-wiping malware disguised as ransomware being used in attacks against multiple organizations in Ukraine.
Starting January 13th, Microsoft detected the new attacks that combined a destructive MBRLocker with a data-corrupting malware used to destroy the victim's data intentionally.
With the geopolitical tensions escalating in the region between Russia and Ukraine, it is believed that these attacks are designed to sow chaos in Ukraine.
While NotPetya was based on real ransomware known as Petya, the NotPetya attacks were conducted as a cyberweapon against Ukraine rather than to generate payments.
Threat actors who have reviewed the published data say it is unrelated to Ukraine government agencies and contains data from an old leak.
Ukraine has attributed the attacks to Russia, with the goal of undermining the confidence in the Ukrainian government.
News URL
Related news
- Microsoft Identifies Storm-0501 as Major Threat in Hybrid Cloud Ransomware Attacks (source)
- Microsoft: Ransomware Attacks Growing More Dangerous, Complex (source)
- Critical SonicWall SSLVPN bug exploited in ransomware attacks (source)
- NoName ransomware gang deploying RansomHub malware in recent attacks (source)
- Microsoft says it broke some Windows 10 patching – as it fixes flaws under attack (source)
- Port of Seattle hit by Rhysida ransomware in August attack (source)
- Ransomware gangs now abuse Microsoft Azure tool for data theft (source)
- Microsoft: Vanilla Tempest hackers hit healthcare with INC ransomware (source)
- Microsoft Warns of New INC Ransomware Targeting U.S. Healthcare Sector (source)
- AutoCanada says ransomware attack "may" impact employee data (source)