Security News > 2023 > January > Ukraine links data-wiping attack on news agency to Russian hackers
The Computer Emergency Response Team of Ukraine has linked a destructive malware attack targeting the country's National News Agency of Ukraine to Sandworm Russian military hackers.
"According to preliminary data, provided by CERT-UA specialists, the attack have caused certain destructive effects on the agency's information infrastructure, but the threat has been swiftly localized nonetheless," the State Service of Special Communications and Information Protection of Ukraine said.
The attackers launched the CaddyWiper malware on the news agency's systems using a Windows group policy, showing that they had breached the target's network beforehand.
The attackers tried to erase traces left by Industroyer ICS malware with the help of CaddyWiper, and other data wipers designed for Linux and Solaris systems tracked as Orcshred, Soloshred, and Awfulshred.
Since Russia invaded Ukraine in February 2022, security researchers have discovered a series of data-wiping malware deployed against Ukrainian targets besides CaddyWiper, including DoubleZero, HermeticWiper, IsaacWiper, WhisperKill, WhisperGate, and AcidRain.
Recent ransomware attacks against Ukraine have also been linked to the Sandworm Russian-backed threat group.
News URL
Related news
- Russian hackers use RDP proxies to steal data in MiTM attacks (source)
- 390,000 WordPress accounts stolen from hackers in supply chain attack (source)
- Hackers Use Microsoft MSC Files to Deploy Obfuscated Backdoor in Pakistan Attacks (source)
- Chinese hackers targeted sanctions office in Treasury attack (source)
- Russian ISP confirms Ukrainian hackers "destroyed" its network (source)
- Hackers exploit critical Aviatrix Controller RCE flaw in attacks (source)
- Hackers use FastHTTP in new high-speed Microsoft 365 password attacks (source)
- How Russian hackers went after NGOs’ WhatsApp accounts (source)
- EU sanctions Russian GRU hackers for cyberattacks against Estonia (source)
- E.U. Sanctions 3 Russian Nationals for Cyber Attacks Targeting Estonia’s Key Ministries (source)