A New Destructive Malware Targeting Ukrainian Government and Business Entities

2022-01-19 04:08

Cybersecurity teams from Microsoft on Saturday disclosed they identified evidence of a new destructive malware operation targeting government, non-profit, and information technology entities in Ukraine amid brewing geopolitical tensions between the country and Russia.

"The malware is disguised as ransomware but, if activated by the attacker, would render the infected computer system inoperable," Tom Burt, corporate vice president of customer security and trust at Microsoft, said, adding the intrusions were aimed at government agencies that provide critical executive branch or emergency response functions.

Also targeted is an IT firm that "Manages websites for public and private sector clients, including government agencies whose websites were recently defaced," Burt noted.

The development comes as numerous government websites in the Eastern European country were defaced on Friday with a message warning Ukrainians that their personal data was being uploaded to the Internet.

"Given the scale of the observed intrusions, MSTIC is not able to assess intent of the identified destructive actions but does believe these actions represent an elevated risk to any government agency, non-profit or enterprise located or with systems in Ukraine," the researchers cautioned.

"Multiple significant intrusions into Ukrainian government entities have been conducted by UNC1151," cybersecurity firm Mandiant disclosed in a report in November 2021, pointing out the group's operations as those aligned with Belarusian government interests.

News URL

https://thehackernews.com/2022/01/a-new-destructive-malware-targeting.html

#malware #ukrainian