Microsoft says that malware has compromised Ukrainian government networks.Microsoft says that malware has compromised Ukrainian government networks.

Microsoft announced late Saturday that it had discovered dozens of computer networks infected with dangerous malware disguised as ransomware at Ukrainian government institutions and enterprises.

According to Microsoft, the virus is meant to render computers useless if launched by an attacker and targets various companies in Ukraine, including government entities that offer critical executive branch or emergency response activities.

“Our investigative teams have found the virus on dozens of infected systems, and that number could grow as our investigation continues,” Microsoft wrote on Saturday in a blog post. “These systems are based in Ukraine and span several government, non-profit, and information technology companies.”

According to Microsoft, the operation was discovered on Thursday, coinciding with a significant cyberattack that attacked dozens of Ukrainian government websites simultaneously, with a message advising Ukrainians to “be afraid and expect the worst.”

Microsoft’s announcement comes as tensions with Russia increase after Moscow deployed 100,000 troops near Ukraine’s border, raising fears of an attack.

A Ukrainian security official told Reuters that the government believes the cyberattack on government websites was carried out by hacking groups tied to Russia’s intelligence services. Moscow has denied any involvement in cyberattacks against Ukraine on several occasions.

The enormous NotPetya ransomware assault, which attacked the government, banking, and energy organizations in Ukraine and cost more than $10 billion in damages globally, was blamed on the Russian military in 2017. According to the US, the strike, which the US described as the “most devastating and costly cyber-attack in history,” was part of the Kremlin’s attempt to destabilize Ukraine.

According to Microsoft, the malware “executes when an attached device is shut off,” which is a typical first response to a ransomware outbreak to prevent it from spreading further. Microsoft stated that it could not determine the damaging activity’s goal or discover distinguishing traits that may be used to link it to known threat actors.

Leave a Reply

Your email address will not be published. Required fields are marked *