Security News > 2022 > February > New data-wiping malware used in destructive attacks on Ukraine
Cybersecurity firms have found a new data wiper used in destructive attacks today against Ukrainian networks just as Russia moves troops into regions of Ukraine.
A data wiper is malware that intentionally destroys data on a device to make the data unrecoverable and for the operating system to no longer work correctly.
Cybersecurity firms Symantec and ESET found the new data wiper, which both state that the malware was used in attacks today.
"In one of the targeted organizations, the wiper was dropped via the default GPO meaning that attackers had likely taken control of the Active Directory server," explains ESET. The details regarding this new data wiper are still developing, and we will update the story as more information becomes available.
In January, Microsoft disclosed that a destructive data-wiping malware disguised as ransomware was used in attacks against multiple Ukrainian organizations.
While the attacks have not been attributed to Russia, data wipers have been a tool used by Russian state-sponsored threat actors in the past.
News URL
Related news
- Astaroth Banking Malware Resurfaces in Brazil via Spear-Phishing Attack (source)
- VEILDrive Attack Exploits Microsoft Services to Evade Detection and Distribute Malware (source)
- Iranian Hackers Use "Dream Job" Lures to Deploy SnailResin Malware in Aerospace Attacks (source)
- Microsoft patches Windows zero-day exploited in attacks on Ukraine (source)
- Iranian Hackers Deploy WezRat Malware in Attacks Targeting Israeli Organizations (source)