Microsoft said in a press update last week that it has stopped a hacking group linked to a Russian GRU military unit from targeting Ukraine’s critical infrastructure, as well as some dignitaries and think tanks linked to the United States.
The company seems to spy on the activity taking place on all Windows machines operating in the Putin-led nation. It has, however, already announced that it will withdraw sales and support from Russia, as that country launched an illogical and inhuman invasion of Ukraine.
Tom Burt, Microsoft's Corporate Vice President for Customer Security and Trust, announced that the hacking group in question is Strontium and that it has been spying on Ukraine’s digital infrastructure for the past few months, well before the war between Russia and Ukraine started in the early hours of February 24th, 2022.
Meanwhile, in another analysis conducted and released by security researchers from ESET, a new malware named Industroyer2 was seen infecting the IT infrastructure of Ukraine’s energy suppliers.
ESET issued an alert to the Computer Emergency Response Team (CERT) of Ukraine, and it is believed that the malware is being spread by the Sandworm APT group to create a blackout in Kiev, the capital of Ukraine.
Such attempts targeting Ukraine’s power firms were also seen in 2016, and they were linked to activities conducted by the Kremlin to retaliate against the stand of Ukraine's military in the Donbas region.
On April 8th, 2022, Sandworm tried to install a new version of the Industroyer malware on the management systems of high-voltage electrical substations across Ukraine. The sole purpose of this activity was to trigger power outages and push the Zelensky-led nation into darkness.