Security researchers from the Redmond-based company Microsoft have discovered that government computers in Ukraine have been infected with malware. The malware disguises itself as ransomware and is designed to delete stored data on attacker’s command. Like microsoft communicates, the malware was discovered on computers by government agencies and IT specialists. The program should overwrite the Master Boot Record (MBR) from the connected storage media and all files with certain extensions. This fools the system into believing that it is a normal blackmail Trojan. In fact, the malware is capable of deleting all data on the computer and incapacitating the system as soon as a command is sent.
It is still unclear who developed and distributed the malware. So far no match has been found with activities from known groups. Microsoft suspects that the attackers acted on behalf of a state. The Ukrainian government claims to have evidence of Russian intelligence involvement. As recently as January 14, the websites of the Ukrainian authorities were attacked. A message from the hackers was visible on the affected pages. It is conceivable that the attack was a distraction to deploy the malware.
Although Russia denies being involved in the cyber attacks, tensions remain high between the two countries. Just recently, Russia sent around 100,000 troops to the border region with Ukraine. The US government accuses Russia of preparing an invasion. An escalation of the conflict can therefore no longer be ruled out.
Brian is the news author at Research Snipers which mainly covers Technology News, Microsoft News, Google News, Facebook, Apple, Huawei, Xiaomi, and other tech news.