Tag: wiper

SwiftSlicer is a newly found wiper malware that has focused Ukraine. A wiper malware is a sort of malicious software program designed to destroy information on a focused system. SwiftSlicer was first noticed by cybersecurity researchers in December 2021.

In keeping with the researchers, SwiftSlicer is totally different from different wiper malware in that it has the flexibility to unfold to different methods inside a community, making it extra harmful. It’s also able to bypassing safety software program, which makes it troublesome to detect and cease. The malware has been discovered to unfold via phishing emails that include a malicious attachment. As soon as the attachment is opened, the malware is put in on the system, permitting it to unfold to different methods inside the community.

The principle goal of SwiftSlicer seems to be Ukraine, with the vast majority of the assaults being reported within the nation. The Ukrainian authorities has issued a warning concerning the malware, advising folks to be cautious when opening emails and attachments from unknown sources.

SwiftSlicer shouldn’t be the primary wiper malware to focus on Ukraine. In 2017, the nation was hit by the NotPetya wiper malware, which precipitated widespread injury and disruption to companies and authorities organizations. The assault was later attributed to the Russian authorities.

Cybersecurity consultants have warned that SwiftSlicer is a big risk and that organizations and people ought to take precautions to guard themselves. This consists of conserving safety software program updated, being cautious when opening emails and attachments from unknown sources, and frequently backing up necessary information.

In conclusion, SwiftSlicer is a damaging wiper malware that has been found focusing on Ukraine. Its means to unfold inside networks and bypass safety software program makes it a big risk. Organizations and people ought to take precautions to guard themselves towards this new risk.

ESET researchers have uncovered one more damaging knowledge wiper that was utilized in assaults towards organizations in Ukraine.

Dubbed CaddyWiper by ESET analysts, the malware was first detected at 11.38 a.m. native time (9.38 a.m. UTC) on Monday. The wiper, which destroys person knowledge and partition info from connected drives, was noticed on a number of dozen methods in a restricted variety of organizations. It is detected by ESET merchandise as Win32/KillDisk.NCX.

CaddyWiper bears no main code similarities to both HermeticWiper or IsaacWiper, the opposite two new knowledge wipers which have struck organizations in Ukraine since February 23^rd.

Very like with HermeticWiper, nonetheless, there’s proof to counsel that the unhealthy actors behind CaddyWiper infiltrated the goal’s community earlier than unleashing the wiper.

#BREAKING #ESETresearch warns in regards to the discovery of a third damaging wiper deployed in Ukraine 🇺🇦. We first noticed this new malware we name #CaddyWiper at this time round 9h38 UTC. 1/7 pic.twitter.com/gVzzlT6AzN

— ESET analysis (@ESETresearch) March 14, 2022

A wiper every week

That is the third time in as many weeks that ESET researchers have noticed a beforehand unknown pressure of data-wiping malware in Ukraine.

On the eve of Russia’s invasion of Ukraine, ESET’s telemetry picked up HermeticWiper on the networks of a variety of high-profile Ukrainian organizations. The campaigns additionally leveraged HermeticWizard, a customized worm used for propagating HermeticWiper inside native networks, and HermeticRansom, which acted as decoy ransomware.

The following day, a second damaging assault towards a Ukrainian governmental community began, this time deploying IsaacWiper.

Ukraine within the crosshairs

In January of this yr, one other knowledge wiper, known as WhisperGate, swept by way of the networks of a number of organizations in Ukraine.

All these campaigns are solely the newest in a protracted string of assaults to have hit high-profile targets within the nation over the previous eight years. As explored by ESET researchers in a latest webinar and podcast, Ukraine has been on the receiving finish of a variety of extremely disruptive cyberattacks since 2014, together with the NotPetya attack that tore by way of the networks of a variety of Ukrainian companies in June 2017 earlier than spreading past the nation’s borders.