Security News > 2022 > February > Microsoft: Ukraine hit with new FoxBlade malware hours before invasion

Microsoft said that Ukrainian networks were targeted with newly found malware several hours before Russia's invasion of Ukraine on February 24th. Researchers with the Microsoft Threat Intelligence Center observed destructive attacks targeting Ukraine and spotted a new malware strain they dubbed FoxBlade.

"Several hours before the launch of missiles or movement of tanks on February 24, Microsoft's Threat Intelligence Center detected a new round of offensive and destructive cyberattacks directed against Ukraine's digital infrastructure," Microsoft President and Vice-Chair Brad Smith said.

"We immediately advised the Ukrainian government about the situation, including our identification of the use of a new malware package, and provided technical advice on steps to prevent the malware's success."

Smith also said that the company updated its Defender security platform with new signatures to block the FoxBlade malware within three hours of discovering the malicious tool deployed in the wild.

Microsoft describes the malware in a Security Intelligence advisory published on February 23rd as a trojan that can use computers "For distributed denial-of-service attacks" without the owners' knowledge.

In January, the country was struck by another series of malware attacks deploying the WhisperGate wiper disguised as a ransomware payload. Over the weekend, CISA and the FBI warned US organizations that the data wiping attacks against Ukraine could spill over to other countries, urging US orgs to "Increase vigilance" and reinforce their defenses.

News URL

https://www.bleepingcomputer.com/news/security/microsoft-ukraine-hit-with-new-foxblade-malware-hours-before-invasion/