Microsoft has identified evidence of a destructive malware operation targeting multiple organisations — government, nonprofits organisations and IT firms — in Ukraine.
According to Microsoft Threat Intelligence Centre (MSTIC), this malware first appeared on victim systems in Ukraine on January 13.
“Microsoft is aware of the ongoing geopolitical events in Ukraine and surrounding region and encourages organisations to use the information in this post to proactively protect from any malicious activity,” the company said in a statement.
Last week, state-sponsored hackers hit Ukraine with a massive cyber-attack, shutting down several government websites amid heightened tension with Russia.
As a result of the cyber-attack, the websites of the Ministry of Foreign Affairs and a number of other government agencies went down.
Microsoft said that the malware, designed to look like ransomware but lacking a ransom recovery mechanism, is intended to be destructive and “designed to render targeted devices inoperable rather than to obtain a ransom”.
“At present and based on Microsoft visibility, our investigation teams have identified the malware on dozens of impacted systems and that number could grow as our investigation continues,” said the company.
Russia has repeatedly been accused of cyber-attacks against Ukraine amid escalated tension between them.
Russia will station troops on its own territory near the Ukrainian border due to tensions with the NATO, Kremlin spokesman Dmitry Peskov has said.
Last week, Russian diplomats held talks with top US officials in Geneva, with the Organisation for Security and Co-operation in Europe in Vienna, and then with NATO in Brussels.
They all ended without any breakthrough.