Ukraine, Poland targeted with novel ransomware attack, says Microsoft

0
93
Ukraine, Poland targeted with novel ransomware attack, says Microsoft
Ukraine, Poland targeted with novel ransomware attack, says Microsoft

In several cases, the researchers noted that the hackers had gained administrator control of the victims’ systems ahead of deploying the ransomware, suggesting they had stolen their credentials earlier and were waiting for the right moment

Transportation and logistics companies in Ukraine and Poland have been attacked with a novel kind of ransomware by a newly discovered hacking group, Microsoft said in a blog post on Friday.

Adding that it hadn’t been able to link the attacks to any known group yet, Microsoft said that the attackers targeted a wide range of systems within an hour on Tuesday.

Notably, however, researchers found that the hacks closely mirrored earlier attacks by a Russian government-linked cyber team that had disrupted Ukraine government agencies.

Since the start of the conflict in late February Ukraine has been the target of numerous cyberattacks by Russia, according to western security researchers and senior government officials.

Victims of the new ransomware, named “Prestige,” overlap with those of another data-shredding cyberattack that involved the “FoxLoad,” or “HermeticWiper” malware, Microsoft said.

At the beginning of the Russian invasion of Ukraine, the attack hit hundreds of computers in Ukraine, Lithuania, and Latvia.

“Prestige” ransomware works by encrypting a victims’ data and leaving a ransom note that says the data can only be unlocked with the purchase of a decryption tool, Microsoft said.

In several cases, the researchers noted that the hackers had gained administrator control of the victims’ systems ahead of deploying the ransomware, suggesting they had stolen their credentials earlier and were waiting for the right moment.

“The enterprise-wide deployment of ransomware is not common in Ukraine, and this activity was not connected to any of the 94 currently active ransomware activity groups that Microsoft tracks,” the researchers said.

Also readTechnology leader shall be open to accepting changes

Do FollowCIO News LinkedIn Account | CIO News Facebook | CIO News Youtube | CIO News Twitter

About us:

CIO News, a proprietary of Mercadeo, produces award-winning content and resources for IT leaders across any industry through print articles and recorded video interviews on topics in the technology sector such as Digital Transformation, Artificial Intelligence (AI), Machine Learning (ML), Cloud, Robotics, Cyber-security, Data, Analytics, SOC, SASE, among other technology topics