Security News > 2022 > December > Russian Courts Targeted by New CryWiper Data Wiper Malware Posing as Ransomware

A new data wiper malware called CryWiper has been found targeting Russian government agencies, including mayor's offices and courts.

"The activity of CryWiper once again shows that the payment of the ransom does not guarantee the recovery of files," the researchers said, stating the malware "Deliberately destroys the contents of files."

CryWiper is the second retaliatory wiper malware strain aimed at Russia after RURansom, a.NET-based wiper that was found targeting entities in the country earlier this March.

The ongoing conflict between Russia and Ukraine has involved the deployment of multiple wipers, with the latter hit with a wide range of malware such as WhisperGate, HermeticWiper, AcidRain, IsaacWiper, CaddyWiper, Industroyer2, and DoubleZero.

"Wipers can be effective regardless of the technical skills of the attacker, as even the simplest wiper can wreak havoc on affected systems," Trellix researcher Max Kersten said in an analysis of destructive malware last month.

"The required time to create such a piece of malware is low, especially when compared to complex espionage backdoors and the often-accompanying vulnerabilities that are used. The return of investment need not be high in those cases, although it is unlikely that a few wipers are to wreak that much havoc in and of themselves."

News URL

https://thehackernews.com/2022/12/russian-courts-targeted-by-new-crywiper.html