Home / Early Warning / Cybersecurity Highlights / Microsoft detects malware targeting Ukrainian organisations

Microsoft detects malware targeting Ukrainian organisations


A spokesman for the Ukrainian Ministry of Foreign Affairs has said that as a result of a cyber-attack, the websites of the Ukrainian Foreign Ministry and other government agencies are temporarily down. Its specialists have already started to restore the functioning of computer systems and the police have opened an investigation. It also indicates that the Security Service of Ukraine has obtained preliminary indicators suggesting that cybercriminal groups associated with the Russian secret services could be behind the cyberattack.

Separately, the Microsoft Threat Intelligence Centre (MSTIC) has identified evidence of a malware operation targeting multiple Ukrainian non-profit and IT organisations. This malware is designed to act like ransomware, but lacks a mechanism for recovering encrypted information, as it serves to render devices unusable rather than obtain a ransom. Microsoft, which does not rule out that more systems are affected, has not yet been able to identify who is behind the massive hacking operation because its characteristics do not match the activity of 'other known groups'.