Last Updated on 02/03/2022 by Nidhi Khandelwal
Microsoft announced on Monday that it has discovered a new wave of offensive and damaging cyberattacks targeting Ukraine’s digital infrastructure only hours before Russia launched its first missile strikes last week.
According to the tech giant’s Threat Intelligence Center (MSTIC), the incursions required the deployment of a never-before-seen malware package dubbed FoxBlade, and it deployed new signatures to its Defender anti-malware programme to detect the exploit within three hours of its discovery.
“We have not seen the usage of the indiscriminate malware technology that spread across Ukraine’s economy and beyond its borders in the 2017 NotPetya assault,” said Brad Smith, Microsoft’s President and Vice Chair.
Additional technical details about FoxBlade, such as the mechanism of initial access, are unknown, however Microsoft warned that “this trojan can utilize your PC for distributed denial-of-service (DDoS) assaults without your knowledge” in a Security Intelligence advisory.
Furthermore, the trojan’s distribution appears to be aided by a second “downloader” module, which is capable of collecting and installing the virus on infected devices.
The revelation comes as cyber attacks on Ukrainian government and financial websites have continued, ranging from malicious data wipers to DDoS attacks, even as the US Cybersecurity and Infrastructure Security Agency (CISA) warned of such attacks being used beyond the country’s boundaries.