Microsoft says Ukraine, Poland target of new ransomware attack

0
29

SAN FRANCISCO: A newly discovered hacking group has attacked transportation and logistics companies in Ukraine and Poland with a new strain of ransomware, Microsoft said in a blog post on Friday (Oct. 14).

The attackers attacked a wide variety of systems within an hour on Tuesday, Microsoft said, adding that it had not yet been able to link the attacks to any known group.

Notably, however, researchers found that the hacks closely matched previous attacks by a Russian government-affiliated cyber team that had disrupted Ukrainian government agencies.

See also  Berkshire Hathaway sells $80.7 million worth of shares in China's BYD

According to Western security researchers and senior government officials, Ukraine has been the target of numerous cyber attacks by Russia since the conflict began in late February.

The Russian embassy in Washington did not immediately respond to a request for comment, as did the cybersecurity agencies of Ukraine or Poland.

Victims of the new ransomware, called Prestige, overlap with those of another data-shredding cyberattack involving the FoxLoad or HermeticWiper malware, Microsoft said.

See also  Gold's rise is likely to continue as the dollar falls

That attack hit hundreds of computers in Ukraine, Lithuania and Latvia at the start of the Russian invasion of Ukraine.

Prestige ransomware works by encrypting a victim’s data and leaving a ransom note stating that the data can only be unlocked with the purchase of a decryption tool, according to Microsoft.

In several cases, the researchers noted that the hackers had been given administrative control over the victims’ systems before deploying the ransomware, suggesting that they had stolen their credentials before and were waiting for the right moment.

See also  Starbucks union to strike at more than 100 locations on Red Cup Day, one of the chain's busiest days of the year

“The enterprise-wide deployment of ransomware is not common in Ukraine, and this activity was not connected to any of the 94 active ransomware activity groups that Microsoft tracks,” the researchers said.

LEAVE A REPLY

Please enter your comment!
Please enter your name here