Microsoft has warned of a new malicious computer program used in cyber attacks against the Ukrainian government.
Described as a Master Boot Record (MBR) eraser, Microsoft claims that a malware program is used when the affected device is downgraded and disguises itself as a ransomware — but it has no way of rescuing and aimed at destroying bricks targeted at them.
Although Microsoft says it has not yet found any significant link between the targeted action (tracking as DEV-0586) and other well-known threat organizations, Ukraine said on Sunday it “had evidence” that Russia was behind the attack. An Independent cybersecurity expert in Kyiv told the Associated Press that the attackers had infiltrated government networks through a shared software provider in a supply chain attack. The provider is reportedly a firm called Kitsoft.
Microsoft Threat Intelligence Center (MSTIC) shared strategies, strategies, and procedures (TTPs), as well as compliance indicators (IOC) related to the attack.