Microsoft finds FoxBlade malware on Ukrainian systems, removes RT from Windows app store

Microsoft says it found a new malware package — which it calls “FoxBlade” — hours before Russia began its invasion of Ukraine on February 24. 

In a blog post, Microsoft president Brad Smith said it was coordinating its efforts to protect users in Ukraine with the Ukrainian government, the European Union, European nations, the US government, NATO, and the United Nations.

Ukraine Crisis

“Several hours before the launch of missiles or movement of tanks on February 24, Microsoft’s Threat Intelligence Center (MSTIC) detected a new round of offensive and destructive cyberattacks directed against Ukraine’s digital infrastructure. We immediately advised the Ukrainian government about the situation, including our identification of the use of a new malware package (which we denominated FoxBlade), and provided technical advice on steps to prevent the malware’s success,” Smith said. 

“In recent days, we have provided threat intelligence and defensive suggestions to Ukrainian officials… This work is ongoing.”

Smith noted that the cyberattacks on Ukraine seen by Microsoft have been extremely targeted and not as wide-ranging as the 2017 NotPetya attack

But Smith said Microsoft has seen recent cyberattacks on “Ukrainian civilian digital targets, including the financial sector, agriculture sector, emergency response services, humanitarian aid efforts, and

Read More: