| Translate This News In |
|---|
According to a blog post by Microsoft on Friday, a recently identified hacker group has used a novel kind of ransomware to assault logistics and transportation firms in Poland and Ukraine.
In less than an hour on Tuesday, the attackers targeted a variety of computers, according to Microsoft, which added that it had not yet been able to connect the attacks to any known group.
Researchers discovered that the cyberattacks, however, closely resembled past assaults by a cyber team connected to the Russian government that had affected Ukrainian government services.
Russian cyberattacks against Ukraine have been widespread since the conflict’s outbreak in late February, according to senior government officials and western security researchers.
A request for comment was not immediately answered by the Ukrainian or Polish cybersecurity organizations, nor did it receive one from the Russian Embassy in Washington.
According to Microsoft, victims of the “Prestige” ransomware also fell victim to another cyberattack that used the “FoxLoad” or “HermeticWiper” virus to shred data.
At the start of the Russian invasion of Ukraine, that attack affected hundreds of computers in Ukraine, Lithuania, and Latvia.
According to Microsoft, the “Prestige” ransomware encrypts the data of its victims and then leaves a ransom note demanding payment for a decryption tool in order to release the data.
The researchers discovered that the hackers had administrator access to the victims’ systems in numerous instances before releasing the ransomware, which may indicate that they had already obtained the victims’ login information and were waiting for the ideal time to strike.
The researchers noted that the enterprise-wide distribution of ransomware is uncommon in Ukraine and that this activity was unrelated to any of the 94 active ransomware activity groups that Microsoft keeps track on.
