ESET and Broadcom's Symantec claimed that they have discovered a data wiper malware which is used in the attacks against the Ukraine's machines as the Russian forces have launched a sull-scale military operation against the country. 'HermeticWiper' which was found with the malware samples compiled on December 28 2021 indicated that the preparations for the sttack have been underway for nearly two months.
This malware is signed using the code signing certificate which is issued by Hermetica Digital Ltd. This wiper abuses the drivers from EaseUS Partition Master software to corrupt data. It then reboots the system. This malware was directly deployed on the system indicating that attackers had took the control of the target systems. The scale, impact, and identity of the attacker is unknown. This is the second time that an attack has been deployed on the Ukranian systems since mid-January after WhisperGate.
The wiper attack followed a denial-of-service attack on several Ukranian goverenment and banking institutions on wednesday thus stopping and knocking out the online portals for cabinet of ministers, Ministry of Foreign Affairs, and the country's parliament.
The disruptive malicious cyber attacks have led the Ukranian law enforcement to categorize these attacks to create anxiety and to undermine the ability of the state to stabilize it's unity.
Cybercriminals on the dark web are looking for ways to capitalize the ongoing political situation by advertising to sell the databases and information related to Ukranian citizens.
Comments
Post a Comment