Security News > 2022 > February > New data-wiping malware used in destructive attacks on Ukraine
Cybersecurity firms have found a new data wiper used in destructive attacks today against Ukrainian networks just as Russia moves troops into regions of Ukraine.
A data wiper is malware that intentionally destroys data on a device to make the data unrecoverable and for the operating system to no longer work correctly.
Cybersecurity firms Symantec and ESET found the new data wiper, which both state that the malware was used in attacks today.
"In one of the targeted organizations, the wiper was dropped via the default GPO meaning that attackers had likely taken control of the Active Directory server," explains ESET. The details regarding this new data wiper are still developing, and we will update the story as more information becomes available.
In January, Microsoft disclosed that a destructive data-wiping malware disguised as ransomware was used in attacks against multiple Ukrainian organizations.
While the attacks have not been attributed to Russia, data wipers have been a tool used by Russian state-sponsored threat actors in the past.
News URL
Related news
- Ivanti zero-day attacks infected devices with custom malware (source)
- WP3.XYZ malware attacks add rogue admins to 5,000+ WordPress sites (source)
- IPany VPN breached in supply-chain attack to push custom malware (source)
- MintsLoader Delivers StealC Malware and BOINC in Targeted Cyber Attacks (source)
- 7-Zip MotW bypass exploited in zero-day attacks against Ukraine (source)