Microsoft Finds FoxBlade Malware Hit Ukraine Hours Before Russian Invasion

2 years ago 161
BOOK THIS SPACE FOR AD
ARTICLE AD

Microsoft on Monday disclosed that it detected a new round of offensive and destructive cyberattacks directed against Ukraine's digital infrastructure hours before Russia launched its first missile strikes last week.

The intrusions involved the use of a never-before-seen malware package dubbed FoxBlade, according to the tech giant's Threat Intelligence Center (MSTIC), noting that it added new signatures to its Defender anti-malware service to detect the exploit within three hours of the discovery.

Automatic GitHub Backups

"These recent and ongoing cyberattacks have been precisely targeted, and we have not seen the use of the indiscriminate malware technology that spread across Ukraine's economy and beyond its borders in the 2017 NotPetya attack," Microsoft's President and Vice Chair, Brad Smith, said.

Additional technical specifics pertaining to FoxBlade, including the mode of initial access, are not known, but Microsoft in a Security Intelligence advisory stated that "this trojan can use your PC for distributed denial-of-service (DDoS) attacks without your knowledge."

What's more, the delivery of the trojan appears to be facilitated by means of a second "downloader" module that's capable of retrieving and installing the malware on the compromised machines.

Prevent Data Breaches

The disclosure comes as cyber assaults ranging from malicious data wipers to DDoS attacks have continued to rain down on Ukrainian government and banking websites, even as the U.S. Cybersecurity and Infrastructure Security Agency (CISA) warned of such attacks employed beyond the country's borders.

"Destructive malware can present a direct threat to an organization's daily operations, impacting the availability of critical assets and data," CISA said. "Further disruptive cyberattacks against organizations in Ukraine are likely to occur and may unintentionally spill over to organizations in other countries."


Found this article interesting? Follow THN on Facebook, Twitter and LinkedIn to read more exclusive content we post.

Read Entire Article