Security News > 2022 > February > Microsoft: Ukraine hit with FoxBlade malware hours before invasion
Microsoft said that Ukrainian networks were targeted with recently found malware several hours before Russia's invasion of Ukraine on February 24th. Researchers with the Microsoft Threat Intelligence Center observed destructive attacks targeting Ukraine and spotted a malware strain they named FoxBlade.
"We immediately advised the Ukrainian government about the situation, including our identification of the use of a new malware package, and provided technical advice on steps to prevent the malware's success."
Smith said the company updated its Defender security platform with new signatures to block the malware within three hours of discovering the malicious payload deployed in the wild.
The offensive cyberattacks detected by MSTIC researchers right before the Russian invasion followed several other series of malware attacks since the start of 2021.
Earlier this month, newly discovered HermeticWiper malware was used to target Ukraine together with ransomware decoys to wipe data and render devices unbootable.
In January, the country was struck by another series of malware attacks deploying the WhisperGate wiper disguised as a ransomware payload. Over the weekend, CISA and the FBI warned US organizations that the data wiping attacks against Ukraine could spill over to other countries, urging US orgs to "Increase vigilance" and reinforce their defenses.
News URL
Related news
- DarkGate Malware Exploited Recently Patched Microsoft Flaw in Zero-Day Attack (source)
- Microsoft fixes two Windows zero-days exploited in malware attacks (source)
- OfflRouter Malware Evades Detection in Ukraine for Almost a Decade (source)
- GitHub comments abused to push malware via Microsoft repo URLs (source)
- Ukraine Targeted in Cyberattack Exploiting 7-Year-Old Microsoft Office Flaw (source)
- New Latrodectus malware attacks use Microsoft, Cloudflare themes (source)