Security News

Microsoft on Monday disclosed that it detected a new round of offensive and destructive cyberattacks directed against Ukraine's digital infrastructure hours before Russia launched its first missile strikes last week. The intrusions involved the use of a never-before-seen malware package dubbed FoxBlade, according to the tech giant's Threat Intelligence Center, noting that it added new signatures to its Defender anti-malware service to detect the exploit within three hours of the discovery.

"As tanks rolled into Ukraine, so did malware," summarized humanitarian author Andreas Harsono, referring to the novel malware that Microsoft has named FoxBlade. "Several hours before the launch of missiles or movement of tanks on February 24, Microsoft's Threat Intelligence Center detected a new round of offensive and destructive cyberattacks directed against Ukraine's digital infrastructure," Microsoft President and Vice-Chair Brad Smith said.

One of the most interesting ones is a previously unknown malware with destructive payload that has popped up on hundreds of Ukrainian machines lately. On Feb. 23, a tweet from ESET Research claims they discovered a new malware that wipes data, used in Ukraine.

The development follows Ukraine's successful effort of raising over $37 million in crypto donations from all around the world amid the country's ongoing invasion by Russian troops. 'Help Ukraine' crypto donation scams on the rise.

Microsoft is decrying what it calls the "Tragic, unlawful and unjustified invasion of Ukraine" by Russia, and vowed to continue protecting the country from cyberattacks and state-sponsored disinformation campaigns. The software giant added it will support humanitarian efforts as Ukrainians try to fend off an invading Russian army and as hundreds of thousands flee Ukraine into such neighbors as Poland, Romania, and Moldova.

Microsoft said that Ukrainian networks were targeted with recently found malware several hours before Russia's invasion of Ukraine on February 24th. Researchers with the Microsoft Threat Intelligence Center observed destructive attacks targeting Ukraine and spotted a malware strain they named FoxBlade. "We immediately advised the Ukrainian government about the situation, including our identification of the use of a new malware package, and provided technical advice on steps to prevent the malware's success."

Microsoft said that Ukrainian networks were targeted with newly found malware several hours before Russia's invasion of Ukraine on February 24th. Researchers with the Microsoft Threat Intelligence Center observed destructive attacks targeting Ukraine and spotted a new malware strain they dubbed FoxBlade. "Several hours before the launch of missiles or movement of tanks on February 24, Microsoft's Threat Intelligence Center detected a new round of offensive and destructive cyberattacks directed against Ukraine's digital infrastructure," Microsoft President and Vice-Chair Brad Smith said.

The Russia-Ukraine cyber warzone has split the Conti ransomware gang into warring factions, leading to a Ukrainian member spilling 60,000 of the group's internal chat messages online. On Twitter a message from a Conti member saying that "This is a friendly heads-up that the Conti gang has just lost all their sht."

Key Russian websites and state online portals have been taken offline by attacks claimed by the Ukrainian cyber police force, which now openly engages in cyber-warfare. The Ukrainian cyber police have announced having targeted the websites of the Investigative Committee of the Russian Federation, the FSB, and the Sberbank, Russia's state-owned bank.

As Russia's invasion of Ukraine continues, the technology industry is trying to use its services to make a difference - and to keep those services available as the war makes it harder to operate. The Global Sourcing Association - a UK-based body formerly known as the National Outsourcing Association and which promotes strategic use of services resources around the world - last week reported "Evidence of service disruption as companies are struggling to exercise their business continuity plans due to the extent of the disruption and employees are having to decide if they want to stay and work or choose to evacuate the main cities."