Ukraine, Poland Hit by Novel Ransomware Cyberattack by New Hacking Group, Says Microsoft

The hacks closely mirrored earlier attacks by a Russian government-linked cyber team that had disrupted Ukraine government agencies.

Ukraine, Poland Hit by Novel Ransomware Cyberattack by New Hacking Group, Says Microsoft

Ukraine has been target of numerous cyberattacks by Russia since the start of conflict in February

Highlights
  • The hacking group attacked transportation and logistics companies
  • The attackers targeted a wide range of systems within an hour on Tuesday
  • Cyberattacks hit hundreds of computers in Ukraine, Lithuania, and Latvia

A newly discovered hacking group has attacked transportation and logistics companies in Ukraine and Poland with a novel kind of ransomware, Microsoft said in a blog post on Friday.

The attackers targeted a wide range of systems within an hour on Tuesday, Microsoft said, adding that it hadn't been able to link the attacks to any known group yet.

Notably, however, researchers found that the hacks closely mirrored earlier attacks by a Russian government-linked cyber team that had disrupted Ukraine government agencies.

Ukraine has been the target of numerous cyberattacks by Russia since the start of the conflict in late February, according to western security researchers and senior government officials.

The Russian Embassy in Washington did not immediately respond to a request for comment, and neither did the cybersecurity agencies of Ukraine or Poland.

Victims of the new ransomware, named "Prestige," overlap with those of another data-shredding cyberattack that involved the "FoxLoad," or "HermeticWiper" malware, Microsoft said.

That attack hit hundreds of computers in Ukraine, Lithuania, and Latvia at the beginning of the Russian invasion of Ukraine.

"Prestige" ransomware works by encrypting a victims' data and leaving a ransom note that says the data can only be unlocked with the purchase of a decryption tool, Microsoft said.

In several cases, the researchers noted that the hackers had gained administrator control of the victims' systems ahead of deploying the ransomware, suggesting they had stolen their credentials earlier and were waiting for the right moment.

"The enterprise-wide deployment of ransomware is not common in Ukraine, and this activity was not connected to any of the 94 currently active ransomware activity groups that Microsoft tracks," the researchers said.

© Thomson Reuters 2022


5G is here. Should you buy a 4G phone? We discuss this on Orbital, the Gadgets 360 podcast. Orbital is available on Spotify, Gaana, JioSaavn, Google Podcasts, Apple Podcasts, Amazon Music and wherever you get your podcasts.
Affiliate links may be automatically generated - see our ethics statement for details.
Comments

For the latest tech news and reviews, follow Gadgets 360 on Twitter, Facebook, and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel.

Further reading: Microsoft, Ukraine, Ransomware
The Crown Season 5: Netflix Teases First Look Ahead of Release on November 9
Tata Power Said to Have Been Hit by Cyberattack, IT Systems Affected
Share on Facebook Tweet Snapchat Share Reddit Comment google-newsGoogle News
 
 

Advertisement

Follow Us

Advertisement

© Copyright Red Pixels Ventures Limited 2023. All rights reserved.