Security News > 2022 > February > New Wiper Malware Targeting Ukraine Amid Russia's Military Operation

New Wiper Malware Targeting Ukraine Amid Russia's Military Operation
2022-02-24 13:38

Cybersecurity firms ESET and Broadcom's Symantec said they discovered a new data wiper malware used in fresh attacks against hundreds of machines in Ukraine, as Russian forces formally launched a full-scale military operation against the country.

The Slovak company dubbed the wiper "HermeticWiper", with one of the malware samples compiled on December 28, 2021, implying that preparations for the attacks may have been underway for nearly two months.

"The wiper abuses legitimate drivers from the EaseUS Partition Master software in order to corrupt data. As a final step the wiper reboots [the] computer."

At least one of the intrusions involved deploying the malware directly from the Windows domain controller, indicating that the attackers had taken control of the target network.

The development marks the second time this year that a data wiper has been deployed on Ukrainian computer systems after the WhisperGate operation in mid-January.

The wiper attacks also follow a third "Massive" wave of distributed denial-of-service attacks that hit several Ukrainian government and banking institutions on Wednesday, knocking out online portals for the Ministry of Foreign Affairs, Cabinet of Ministers, and Rada, the country's parliament.


News URL

https://thehackernews.com/2022/02/new-wiper-malware-targeting-ukraine.html