Microsoft Finds Destructive Malware in Attacks Targeting Ukraine

Eduard Gismatullin, Bloomberg News

A Ukrainian flag flies at a political rally for Yulia Tymoshenko, former Prime Minister, not pictured, in Kiev, Ukraine, on Friday, March 29, 2019. Ukraine votes on Sunday in the first round of its presidential election. Photographer: Taylor Weidman/Bloomberg , Bloomberg

(Bloomberg) -- Microsoft Corp. said it has observed “destructive malware” in systems belonging to several Ukrainian government agencies and organizations that work with the authorities.

“The malware is disguised as ransomware but, if activated by the attacker, would render the infected computer system inoperable,” the company said in a statement. “We’re sharing this information to help others in the cybersecurity community look out for and defend against these attacks.”

Microsoft hasn’t identified any groups behind the attacks and is continuing its analysis. The malware was first detected on Jan. 13, the company said.

“We have already built and deployed protections for this malware into Microsoft 365 Defender Endpoint Detection and Anti-virus protections wherever these products are deployed, both on-premises and in the cloud,” it said. “We see no indication so far that these attacks utilize any vulnerability in Microsoft products and services.”

NOTE: Cyberattack Hits Ukrainian Websites as Russia Tensions Mount