Security News > 2022 > April > Data-wiper malware strains surge as Ukraine battles ongoing invasion

One of the wipers also took wind turbines in Germany offline, satellite communication modems in Ukraine seemingly being the primary target in this specific attack.

While the wipers have primarily targeted Ukrainian organizations to date, as the illegal and bloody Russian invasion of Ukraine continues, cybersecurity and law enforcement agencies warn that Kremlin-backed crime gangs may turn their destructive attacks toward Western governments and companies.

"Further disruptive cyberattacks against organizations in Ukraine are likely to occur and may unintentionally spill over to organizations in other countries," the Feds warned.

Security researchers at SentinelOne discovered this malware last month, which they theorized was used in an attack against the Viasat KA-SAT satellite broadband service provider to deploy AcidRain on KA-SAT modems used in Ukraine.

The security shop's researchers also suggested with "Medium-confidence" that the Kremlin-backed Sandworm gang is behind the AcidRain attack, and that this new wiper malware may be a successor to Russia's destructive VPNFilter.

In 2019, Ordinypt targeted German organizations with phishing emails and that same year Iranian state-sponsored criminals attacked Bapco, Bahrain's national oil company, with a wiper named Dustman.

News URL

https://go.theregister.com/feed/www.theregister.com/2022/04/29/wiper_attacks_jump_500_percent/