| 27 September 2022, Tuesday |

Microsoft says it observed destructive malware in systems belonging to several Ukraine govt agencies

Microsoft Corp (MSFT.O) said in a blog post on Saturday that it has discovered damaging malware in the networks of various Ukrainian government institutions and entities that collaborate with the Ukrainian government.

According to Microsoft, the malware’s victims include Ukrainian government entities that offer crucial executive branch or emergency response operations.

An information technology business that administers websites for public and commercial sector clients, including government institutions whose websites were recently vandalized, was also impacted. Microsoft did not name the IT firm that was engaged.

The U.S. software giant, which first detected the malware on Thursday, said the malware attacks did not make use of any vulnerability in Microsoft products and services.

A massive cyberattack splashed on government websites on Thursday night, warning Ukrainians to “be afraid and expect the worst” hit, leaving some websites inaccessible on Friday morning and prompting Ukraine to open an investigation.

Reuters reported on Saturday that Ukraine had suspected a hacker group linked to Belarus intelligence carried out a cyberattack, and that it used malware similar to that used by a group tied to Russian intelligence, according to a senior Ukrainian security official.

The malware, which is disguised as ransomware, would render the infected computer system inoperable if activated by the attacker, Microsoft said, adding the company will continue to work with the cybersecurity community to identify and assist targets and victims.

  • Reuters