Microsoft says Ukrainian organizations had destructive malware implanted into their computer systems
Microsoft Threat Intelligence Center (MSTIC), the cybersecurity division of tech giant Microsoft, on Jan. 15 announced that it had identified evidence of a destructive malware operation targeting multiple organizations in Ukraine.
At present, the company’s investigation teams have identified the malware on dozens of impacted systems that span multiple government, non-profit, and information technology organizations, all based in Ukraine.
However, the number could grow as the investigation continues, it said.MSTIC said the malware, which is designed to look like ransomware but lacking a ransom recovery mechanism, is intended to be destructive and designed to render targeted devices inoperable rather than to obtain a ransom.
Microsoft stressed the malware first appeared on victims’ systems in Ukraine on Jan. 13, 2022.
After that, hackers vandalized multiple websites belonging to Ukrainian government bodies and ministers overnight on Jan. 14, with the website of the Ministry of Education, the Ministry of Foreign Affairs, the Diia portal (an e-government app), and others having had their usual content replaced with a threatening message.
Ukraine’s State Service of Special Communication and Information Protection said about 70 websites belonging to Ukrainian government bodies and ministries had been affected.
The Security Service of Ukraine (SBU) reported that no data had been leaked or stolen from state databases.
Oleksiy Danilov, the secretary of Ukraine’s National Security and Defense Council, told British-based Sky News that Ukraine is “99.9%” sure Russia was behind a massive cyber-attack against Ukrainian government websites on Friday.
The SBU in turn said there are signs that hacker groups associated with the Russian special services were involved in the incident.
Follow us on Twitter, Facebook and Google News