FoxBlade malware targeted Ukrainian networks hours before Russia’s invasion

Microsoft revealed that Ukrainian entities were targeted with a previous undetected malware, dubbed FoxBlade, several hours before the invasion.

The Microsoft Threat Intelligence Center (MSTIC) continues to investigate the attacks that are targeting Ukrainian networks and discovered that entities in Ukraine were targeted with a previously undetected malware, dubbed FoxBlade, several hours before Russia’s invasion.

“This trojan can use your PC for distributed denial-of-service (DDoS) attacks without your knowledge.” reads the advisory published by Microsoft.

The IT giant immediately advised the Ukrainian government about the ongoing attacks and provided it with technical advice on how to detect and neutralize the malicious code. Microsoft pointed out that its experts have written signatures to detect the malware within three hours of this discovery.

“Several hours before the launch of missiles or movement of tanks on February 24, Microsoft’s Threat Intelligence Center (MSTIC) detected a new round of offensive and destructive cyberattacks directed against Ukraine’s digital infrastructure,” said Microsoft President and Vice-Chair Brad Smith. “These recent and ongoing cyberattacks have been precisely targeted, and we have not seen the use of the indiscriminate malware technology that spread across Ukraine’s economy and beyond its borders in the 2017 NotPetya attack.”

FoxBlade is the third malware that was discovered at this time which was involved in attacks against Ukrainian entities. Two other destructive malware, tracked as WhisperGate and HermeticWiper, were used in data wiping attacks against organizations in Ukraine.

Follow me on Twitter: @securityaffairs and Facebook

[adrotate banner=”9″]

[adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, FoxBlade)

[adrotate banner=”5″]

[adrotate banner=”13″]