- Joined
- Apr 18, 2013
- Messages
- 94,343
- Reaction score
- 82,725
- Location
- Barsoom
- Gender
- Male
- Political Leaning
- Independent
Researchers find new destructive wiper malware in Ukraine
Cyber-warfare employed against Ukraine by the Kremlin.
3.15.22
Researchers have discovered a new type of destructive wiper malware affecting computers in Ukraine, making it at least the third strain of wiper to have hit Ukrainian systems since the Russian invasion began. The malware, dubbed CaddyWiper, was found by researchers at Slovakia-based cybersecurity firm ESET, who shared details in a tweet thread posted Monday. According to the researchers, the malware erases user data and partition information from any drives attached to a compromised machine. Sample code shared on Twitter suggests the malware corrupts files on the machine by overwriting them with null byte characters, making them unrecoverable. “We know that if the wiper works, it will effectively render the system useless,” Jean-Ian Boutin, head of threat research at ESET, told The Verge. “However, it is unclear at this point what is the overall impact of this attack.” So far, the number of cases in the wild appears to be small, and ESET’s research had observed one organization being targeted with CaddyWiper, Boutin said. ESET research has previously uncovered two other strains of wiper malware targeting computers in Ukraine. The first strain, labeled HermeticWiper by researchers, was discovered on February 23rd, one day before Russia began the military invasion of Ukraine. Another wiper known as IsaacWiper was deployed in Ukraine on February 24th.
Cyber-warfare employed against Ukraine by the Kremlin.