Microsoft warns of disk-wiping malware targeting Ukraine

Daniel Sims

Posts: 397   +17
Staff
In brief: Microsoft issued a warning over the weekend of malware targeting government and other organizations in Ukraine, which wipes the data on affected systems. This news comes right as cyberattacks were reported against Ukraine amidst rising tensions with neighboring Russia.

Last week it was reported that Ukraine government servers were hit by a significant cyberattack that took down government websites. Some of the affected systems, including the Foreign Ministry’s website, displayed an ominous message written in Russian, Ukranian, and Polish.

“Ukrainians! All data on the computer is being destroyed, it is impossible to recover it,” the message said. “All information about you has become public, be afraid and expect the worst.”

No one claimed responsibility for the attack, but Russia currently has 100,000 troops positioned along its border with Ukraine, stoking fears of an impending invasion.

Right after the cyberattack, The Microsoft Threat Intelligence Center (MSTIC) said it had identified malware targeting Ukrainian organizations designed to destroy data. It works similar to ransomware but has several key differences. Most importantly, it doesn’t provide a way to pay a ransom or restore affected data. Instead, it wipes it permanently.

According to MSTIC’s report, ransomware typically doesn’t target the Master Boot Record, which tells the computer how to load the operating system, but this malware does, overwriting it. Another difference is that this same malware was found on multiple systems, whereas each piece of ransomware is usually tailored per victim.

Microsoft is still analyzing the malware, but it has already deployed protections through Microsoft Defender under the name WhisperGate (e.g., DoS:Win32/WhisperGate.A!dha).

Permalink to story.

 

OortCloud

Posts: 731   +667
Another tiny, bald, sexually confused man with a napoleon complex tries to hide all his inadequacies behind acts of aggression...
 

dangh

Posts: 506   +771
So. Russia is going to take Ukraine in next 2 months probably and we can't do much with that, just stay and observe, and looks like digital war already started..
this is fked up. Some goverments are still living in barbarian times.
 

theruck

Posts: 541   +341
Is it the same Microsoft who gave the world the January security updates which made ReFS unreadable, hyperv non fuctional and domain controllers rebooting in a loop? well then it must be true dangerous malware out there
 

Nobina

Posts: 3,726   +4,100
Well... Does this mean that Putin should have taken care of the drug problems of Russian athletes before taking care of the drug problems of other governments?!?

Sorry, I had to... LOL!
Go ahead, I don't find anything about this situation funny.
 

captaincranky

Posts: 18,527   +7,370
Another tiny, bald, sexually confused man with a napoleon complex tries to hide all his inadequacies behind acts of aggression...
Well... Does this mean that Putin should have taken care of the drug problems of Russian athletes before taking care of the drug problems of other governments?!?
No, it means Putin's doctor revoked his Viagra prescription.
Just ask his horse.