1/16/2022- 8:45 a.m.
Microsoft warns of destructive malware in computer systems of Ukrainian state institutions.
Computer systems of several Ukrainian government agencies and non-profit organizations have been infected with malware disguised as ransomware, Microsoft said.
The malware was supposed to resemble a hijacking program but did not have a ransom recovery mechanism.
Instead of securing a ransom, the program was designed to incapacitate target devices, Microsoft Threat Intelligence Center said.
“Microsoft Threat Intelligence Center (MSTIC) has identified evidence of a destructive malware operation targeting multiple organizations in Ukraine. This malware first appeared on victim systems in Ukraine on January 13, 2022,” the company wrote on its security blog on Saturday.
The MSTIC said that the malware was supposed to resemble a hijacking program but did not have a ransom recovery mechanism. Instead of securing a ransom, the program was designed to incapacitate target devices, the company said.
Microsoft has not yet identified any significant association between this activity and those of other malware groups the company is tracking.
“Given the scale of the observed intrusions, MSTIC is not able to assess intent of the identified destructive actions but does believe these actions represent an elevated risk to any government agency, non-profit or enterprise located or with systems in Ukraine,” the company said, urging all organizations to “immediately conduct a thorough investigation” and build up their defenses.
The Ukrainian Ministry of Culture and Information Policy claimed Russia was behind the hacking attack. Kremlin spokesman Dmitry Peskov told reporters that Russia “had nothing to do” with the incident.
