Following the massive cyberattack in Ukraine, Microsoft announces that it has identified destructive malware in computer systems belonging to several Ukrainian government agencies and organizations working closely with the country.
Malware spotted by Microsoft following cyberattack in Ukraine
The malware, disguised as ransomware, crashes the computer system if activated by the attacker, Microsoft said, adding that it will continue to work with the cybersecurity community to identify and assist targets and victims.
Among the victims are agencies providing critical services or emergency functions, as well as an IT services company (Société de Services et d’Ingénierie en Informatique) managing websites for public and private sector clients, including government agencies. Ukrainians. Several of them have been disrupted in recent days by the cyberattack. Regarding the SSII, Microsoft has not publicly revealed its name.
The American group, which detected the malware on Thursday and announced it this weekend, said the attacks did not exploit a possible vulnerability in its products and services.
Ukrainian government websites were the victims of a massive cyberattack a few days ago, forcing the posting of messages calling on Ukrainians to “to be afraid and to expect the worst”. Some of these sites were inaccessible for long hours and the country has since opened an investigation. Now Ukraine suspects UNC1151, a hacker group linked to the Belarusian secret service, of being behind the cyberattack.