Microsoft says it uncovered a new malware strain in Ukraine hours before invasion began


Microsoft has revealed that it discovered a new malware strain just a few hours before Russia began its invasion of neighboring Ukraine.

In a new blog post, the software giant explained that one of its principal responsibilities as a software and cybersecurity company is to help defend both governments and countries from cyberattacks. As such, Microsoft has been paying close attention to the events going on in Ukraine.

Microsoft's Threat Intelligence Center (MSTIC) has been monitoring the situation closely and, several hours before Russia's invasion of Ukraine began, it detected a new round of cyberattacks targeting the country's digital infrastructure.

In addition to advising the Ukrainian government on the matter, Microsoft's security team identified the use of a new malware package, which it has dubbed FoxBlade, and provided technical advice on the steps needed to prevent falling victim to it. In fact, within three hours, signatures used to detect FoxBlade activity were added to Microsoft Defender to help defend against this new threat.

Precisely targeted cyberattacks

Over the course of the past few days, Microsoft has provided both threat intelligence and defensive suggestions to Ukrainian officials regarding attacks on a range of targets including Ukrainian military institutions, manufacturers and several other government agencies.

According to Microsoft, these ongoing cyberattacks have been precisely targeted and the company hasn't seen the use of indiscriminate malware technology across Ukraine's economy and beyond its borders since the NotPetya attack in 2017.

The company also remains concerned regarding recent cyberattacks on civilian digital targets including the financial sector, agriculture sector, emergency response services, humanitarian aid efforts and energy sector organizations in Ukraine. These attacks on civilian targets raise serious concerns under the Geneva Convention, which is why Microsoft has shared all of the information it has on them with the Ukrainian government.

Besides cyberattacks, there have also been efforts to steal a wide range of data including health, insurance and transportation-related personally identifiable information (PII) from Ukrainian citizens.

We could potentially hear more from Microsoft on its cybersecurity efforts in Ukraine if cybercriminals and nation-state hackers alike continue to target the country and its citizens.

Anthony Spadafora
