homehome Home chatchat Notifications


Special malware hit Ukraine just before the Russian invasion. Microsoft identified and mitigated it in 3 hours

War is no longer offline-only

Fermin Koop
March 2, 2022 @ 7:58 pm

share Share

As tanks hit Ukraine, so did malware. Microsoft disclosed that it detected a round of offensive and destructive cyberattacks targeting Ukraine’s digital infrastructure. The malware package, which the company named FoxBlade, was launched only hours before Russia launched its first missile attacks last week. The malware could also affect computers outside of Ukraine.

Image credit: Pixabay.

The malware package had never been seen before, Microsoft’s Threat Intelligence Center (MSTIC) said, noting that it added new signatures to its anti-malware service to detect FoxBlade in just three hours of the discovery. Specifics of the malware aren’t known, but Microsoft said it can use your PC for distributed denial-of-service attacks.

Microsoft President and Vice-Chair Brad Smith said in a blog post that the company’s “principal and global responsibility” is to help governments and countries to defend themselves from cyberattacks. This role was highlighted last week in Ukraine, he added, as the government, as well as organizations and individuals, were under attack.

“In recent days, we have provided threat intelligence and defensive suggestions to Ukrainian officials regarding attacks on a range of targets, including Ukrainian military institutions and manufacturers and several other Ukrainian government agencies.,” Smith said. “These recent and ongoing cyberattacks have been precisely targeted.”

Smith said Microsoft is “especially concerned” about cyberattacks on Ukrainian civilian digital targets, such as emergency response services, enterprises, the agriculture sector, and the financial sector. The tech giant also detected cyber efforts to steal a wide range of sensitive data sets, including insurance, health, and transportation-related information.

The company is also sharing information with US officials in Washington and NATO officials in Europe, building on their work to address cyber activity against Ukrainian targets. Smith said they will continue to “constantly update” all of Microsoft’s services, including their Defender service, to protect against any potential spread of malware.

Beyond malware, Microsoft is also working to tackle “state-sponsored disinformation” by removing content from Russian state media such as Russia Today (RT) and Sputnik from MSN.com and other Microsoft services like the Widgets menu. The company has removed RT’s apps from the Windows Store, and RT content is being deprioritized in Bing searches.

“The past few days have seen kinetic warfare accompanied with a well-orchestrated battle ongoing in the information ecosystem where the ammunition is disinformation, undermining truth and sowing seeds of discord and distrust. This requires decisive efforts across the tech sector as well as with governments, academia, and civil society,” Smith wrote.

Building on previous work

The malware attack didn’t catch Microsoft off guard, as the tech giant has been working hard over the past few years on increasing the security features of Windows PCs. In 2019, for example, it launched the “secured-core PC” initiative, focused on guarding against firmware-level attacks – relatively uncommon but very nasty when they happen.

But the list goes on. The system requirements of Window’s 11 mandate support for several supported-but-optional security features from Windows 10. Microsoft said it implemented these requirements because of the NotPetya data-wiping malware, which targeted hundreds of companies and hospitals worldwide in 2017 – including Ukraine’s power grid.

“As we look to the future, it’s apparent that digital technology will play a vital role in war and peace alike. Like so many others, we call for the restoration of peace, respect for Ukraine’s sovereignty, and the protection of its people. We not only look toward but will work for a future where digital technology is used to protect countries and peoples,” Smith wrote.

For people around the world, the best thing to do is update your Windows (if you use it) to make sure you benefit from the added protection. With cyber warfare being more common than ever, your devices have never been as vulnerable. Stay safe.

share Share

Coolness Isn’t About Looks or Money. It’s About These Six Things, According to Science

New global study reveals the six traits that define coolness around the world.

Ancient Roman Pompeii had way more erotic art than you'd think

Unfortunately, there are few images we can respectably share here.

Wild Orcas Are Offering Fish to Humans and Scientists Say They May Be Trying to Bond with Us

Scientists recorded 34 times orcas offered prey to humans over 20 years.

No Mercury, No Cyanide: This is the Safest and Greenest Way to Recover Gold from E-waste

A pool cleaner and a spongy polymer can turn used and discarded electronic items into a treasure trove of gold.

This $10 Hack Can Transform Old Smartphones Into a Tiny Data Center

The throwaway culture is harming our planet. One solution is repurposing billions of used smartphones.

Doctors Discover 48th Known Blood Group and Only One Person on Earth Has It

A genetic mystery leads to the discovery of a new blood group: “Gwada negative.”

More Than Half of Intersection Crashes Involve Left Turns. Is It Time To Finally Ban Them?

Even though research supports the change, most cities have been slow to ban left turns at even the most congested intersections.

A London Dentist Just Cracked a Geometric Code in Leonardo’s Vitruvian Man

A hidden triangle in the vitruvian man could finally explain one of da Vinci's greatest works.

The Story Behind This Female Pharaoh's Broken Statues Is Way Weirder Than We Thought

New study reveals the ancient Egyptian's odd way of retiring a pharaoh.

China Resurrected an Abandoned Soviet 'Sea Monster' That's Part Airplane, Part Hovercraft

The Soviet Union's wildest aircraft just got a second life in China.