Microsoft Detects Destructive Malware in Ukraine

In a post late Saturday, Microsoft Corporation mentioned that it detected highly destructive malware in dozens of computer networks in Ukraine.

The software giant explained that the malicious software targeted multiple organizations in the country.

Correspondingly, this includes government agencies that provide critical executive branch or emergency response functions.

It also affected an information technology firm that manages websites for public and private sector clients, including government offices.

In addition, its design specifically focuses on making computers inoperable if activated by an attacker.

Last Thursday, Microsoft initially observed the malware. The company noted that the intrusive program did not use any vulnerability in its products and services.

The report coincided with a massive cyberattack on government websites on that night.

Eventually, 70 Ukrainian websites became inaccessible the following day, pushing the government to investigate.

Ukraine presumed that a hacker group linked to Belarus intelligence carried out the cyberattack.

Security officials suspected that the group used malware similar to Russian intelligence.

Then, President Biden’s national security adviser, Jake Sullivan, said on Sunday that they are currently examining the code that was first reported.

Accordingly, the deployment of the code appeared to be three days after Russian diplomats held meetings with the United States and NATO.

Microsoft Discloses Fake Ransomware Attack

Microsoftware disclosed that the detected malware disguised itself as ransomware.

The company noted that the malicious software lacks a ransom recovery mechanism. It is only intended to be destructive, rendering targeted devices inoperable rather than to claim a ransom.

Still, Microsoft could not assess the intent of the destructive activity.

At the same time, it has not identified the group behind the attack. However, it was expected that there were more affected devices than initially thought.

In addition, it raised the possibility that the attackers will try to destroy as many computers and networks as possible.

Microsoft reassured that the business would continue to work with the cybersecurity community to locate and assist targets and victims.

The announcement came amid the rising tensions with Russia as Moscow troops remained massed at the Ukrainian border.