Security News > 2022 > March > Microsoft Finds FoxBlade Malware Hit Ukraine Hours Before Russian Invasion

Microsoft on Monday disclosed that it detected a new round of offensive and destructive cyberattacks directed against Ukraine's digital infrastructure hours before Russia launched its first missile strikes last week.
The intrusions involved the use of a never-before-seen malware package dubbed FoxBlade, according to the tech giant's Threat Intelligence Center, noting that it added new signatures to its Defender anti-malware service to detect the exploit within three hours of the discovery.
"These recent and ongoing cyberattacks have been precisely targeted, and we have not seen the use of the indiscriminate malware technology that spread across Ukraine's economy and beyond its borders in the 2017 NotPetya attack," Microsoft's President and Vice Chair, Brad Smith, said.
The disclosure comes as cyber assaults ranging from malicious data wipers to DDoS attacks have continued to rain down on Ukrainian government and banking websites, even as the U.S. Cybersecurity and Infrastructure Security Agency warned of such attacks employed beyond the country's borders.
"Destructive malware can present a direct threat to an organization's daily operations, impacting the availability of critical assets and data," CISA said.
"Further disruptive cyberattacks against organizations in Ukraine are likely to occur and may unintentionally spill over to organizations in other countries."
News URL
https://thehackernews.com/2022/03/microsoft-finds-foxblade-malware-hit.html
Related news
- Russian Hackers Exploit Microsoft OAuth to Target Ukraine Allies via Signal and WhatsApp (source)
- Microsoft Teams tactics, malware connect Black Basta, Cactus ransomware (source)
- Microsoft admits GitHub hosted malware that infected almost a million devices (source)
- Microsoft: New RAT malware used for crypto theft, reconnaissance (source)
- YouTube Game Cheats Spread Arcane Stealer Malware to Russian-Speaking Users (source)
- Microsoft Trust Signing service abused to code-sign malware (source)
- Microsoft Trusted Signing service abused to code-sign malware (source)
- New Android malware uses Microsoft’s .NET MAUI to evade detection (source)
- Android Malware Exploits a Microsoft-Related Security Blind Spot to Avoid Detection (source)
- Microsoft Warns of Tax-Themed Email Attacks Using PDFs and QR Codes to Deliver Malware (source)