Partager:

JAKARTA - A newly discovered hacker group has attacked transportation and logistics companies in Ukraine and Poland. According to Microsoft in a blog post on Friday, October 14, these hackers attacked with a new type of ransomware.

Microsoft explained that the attackers targeted various systems within an hour on Tuesday, October 11. Microsoft also added that they could not link the attack to a known group.

In particular, however, the researchers found that the hack was very similar to previous attacks by cyber teams related to the Russian government that had disrupted Ukrainian government agencies some time ago.

According to western security researchers and senior government officials, Ukraine has been the target of various cyberattacks by Russia since the start of the conflict in late February.

The Russian Embassy in Washington did not immediately respond to a request for comment on the report. Likewise the Ukrainian or Polish cybersecurity agency.

The new ransomware victim, named "Prestige," overlaps with another data-destroying cyberattack involving the malware "FoxLoad," or "HermeticWiper", Microsoft said.

The attack hit hundreds of computers in Ukraine, Lithuania, and Latvia at the start of Russia's invasion of Ukraine.

Ransomware "Prestige" works by encrypting victim data and leaving a ransom note saying that data can only be opened by purchasing decryption tools, " Microsoft added.

In some cases, researchers noted that hackers had gained administrator control over the victim's system before spreading ransomware. This indicates that they have stolen their credentials early and are waiting for the right time to declare the attack.

"The spread of ransomware across companies is not common in Ukraine, and this activity is not connected to any of the 94 currently active ransomware activity groups that Microsoft is tracking," the researchers said.


The English, Chinese, Japanese, Arabic, and French versions are automatically generated by the AI. So there may still be inaccuracies in translating, please always see Indonesian as our main language. (system supported by DigitalSiber.id)