New data-wiping malware used in attacks on Ukraine
A new data wiper was discovered by security firms which are used in destructive attacks against Ukrainian networks just as Russia moves troops into regions of Ukraine.
A data wiper is malware that intentionally destroys data on a device to make the data unrecoverable and for the operating system to no longer work correctly.
The Ukrainian government agencies and banks were hit with DDoS attacks that took websites offline today.
The cybersecurity firms Symantec and ESET confirmed that they found the new destructive data wiper malware that were used in cyberattacks against Ukrainian organizations.
Symantec shared the hash of the new data-wiper on Twitter, which is currently being detected by only 16/70 security engines on VirusTotal.
According to Symantec Threat Hunter telemetry, new wiper attacks were discovered in Ukraine, Latvia, and Lithuania and the targets include finance and government contractors.
ESET also posted a detailed Twitter thread containing a technical analysis of the new data wiper and how they have seen it deployed.
According to ESET, the new data wiper is detected as Win32/KillDisk.NCV and was seen deployed on hundreds of devices on Ukrainian networks today.
Even though the cyberattacks occurred today, ESET notes that the malware was compiled on 12/28/21, indicating that the attacks may have been planned for some time.
The wiper malware detected in Ukraine this year has so far been manually activated.
Image Credits : WeLiveSecurity
The post New data-wiping malware used in attacks on Ukraine first appeared on Cybersafe News.
