A new ransomware campaign has been observed targeting organizations in the transportation and logistics industries in Ukraine and Poland using a previously unidentified ransomware payload.
Dubbed “Prestige ranusomeware” by its creators, the malware was spotted by the Microsoft Threat Intelligence Center (MSTIC) targeting numerous organizations on October 11 in attacks occurring within an hour of each other.
According to an advisory published by Microsoft last Friday, the campaign had several notable features that differentiate it from other ransomware campaigns tracked by the tech giant.
“The enterprise-wide deployment of ransomware is not common in Ukraine, and this activity was not linked to any of the 94 currently active ransomware activity groups that Microsoft tracks,” the company stated.
“The activity shares victimology with recent Russian state-aligned activity, specifically on affected geographies and countries, and overlaps with previous victims of the FoxBlade malware (also known as Hermetic Wiper).”
Despite these similar deployment methods, however, Microsoft said the new campaign is distinct from recent destructive attacks leveraging AprilAxe or FoxBlade that have impacted critical infrastructure organizations in Ukraine over the last two months.
“MSTIC has not yet linked this ransomware campaign to a known threat group and is continuing investigations. MSTIC is tracking this activity as DEV-0960,” the company wrote. Notably, Microsoft uses ‘DEV’ designations as a temporary name for unknown, emerging or developing clusters of threat activity.
The tech giant also confirmed it is continuing to monitor the Prestige campaign and is in the process of notifying customers impacted by DEV-0960 but not yet ransomed.
“The threat landscape in Ukraine continues to evolve, and wipers and destructive attacks have been a consistent theme,” Microsoft said.
“Ransomware and wiper attacks rely on many of the same security weaknesses to succeed. As the situation evolves, organizations can adopt the hardening guidance [here] to help build more robust defenses against these threats.”
To defend against this and other cyber-threats, Ukraine has recently increased cooperation efforts with several European Union (EU) cybersecurity agencies.
Some parts of this article are sourced from:
www.infosecurity-magazine.com