Email-borne attacks out of Russia have already targeted at least a few US and European organizations.
Most cyberattacks in Ukraine continue to be planned and highly targeted, but there are some signs that this soon may change.
One indication is a new Trojan dubbed FoxBlade, which Microsoft researchers recently discovered on Ukrainian government systems; it would allow attackers to use infected PCs in distributed denial-of-service (DDoS) attacks. There is some concern that the operators of the malware will try and infect as many systems as possible with it — both inside and outside Ukraine — to make their DDoS attacks more powerful.
Another indication is a sharp increase in phishing attacks out of Russia over the past 24 hours that already have affected some organizations in the US and Europe.
Microsoft president and vice-chair Brad Smith mentioned FoxBlade briefly in a broader blog post on the use and abuse of digital technology in Ukraine on Monday. He described the malware as being used as part of a broader set of “precisely targeted” attacks, unlike in 2017 when NotPetya attacks spread from Ukraine to other countries. Smith offered no description of FoxBlade or potential infection vectors but noted that Microsoft had developed a signature for the threat in three hours and added it to the company’s Defender anti-malware service. Read more:https://bit.ly/3hwwfoL