A new form of malware that was used against targets in Ukraine in the hours before the start of the Russian invasion, Microsoft detailed in a report. Dubbed as FoxBlade a trojan can use systems to perform DDoS attack
These recent and ongoing cyberattacks have been precisely targeted and we have not seen the use of the indiscriminate malware technology that spread across Ukraine’s economy and beyond its borders in the 2017 NotPetya attack, but the recent cyberattacks a concern on Ukrainian civilian digital targets, including the financial sector, agriculture sector, emergency response services, humanitarian aid efforts and energy sector organizations and enterprises.
The FoxBlade attacks were not the only cyber surprise to emerge from Russia. The first, Whispergate, was also discovered by researchers at Microsoft and is intended to be destructive, rendering targeted devices inoperable. The second, HermeticWiper, was discovered targetting Windows devices. The malware manipulates the master boot record, resulting in a boot failure.
FoxBlade, sounds like Microsoft is suggesting that the actors behind its development created it for the purpose of targeting critical infrastructure in Ukraine.
The malware isn’t deployed within the target environments, but instead installed on as many targets of opportunities as possible,Once enough systems are under their control, the infected machines can be collectively controlled to knock the actual target, in other words Ukrainian critical infrastructure, off the internet by flooding their public network connections with more traffic than they can handle.