Microsoft has announced a new hacker group that has already attacked Ukrainian and Polish companies using new ransomware. This applies to transport and logistics companies.
According to the software giant, the first attacks were recorded last Tuesday, so far they have not been linked to any known groups. Meanwhile, according to the source, the hacks are very similar to earlier attacks by the Russian hacker group, which has already attacked the systems of state institutions in Ukraine.
“The use of ransomware on such a scale is not common in Ukraine, and the activity was not associated with any of the 94 currently active ransomware groups that Microsoft monitors.‘, the researchers said.
The current attack used software called Prestige. This program encrypts the data on the victim’s computer and leaves a ransom note stating that the data can only be unlocked by purchasing a decryption tool. It is also noted that in some cases, hackers gained administrative access to the PC of the victims, after which they sent the ransomware virus over the network. It is assumed that the credentials were stolen earlier.