New Data-Wiping Malware Discovered on Systems in Ukraine
Researchers were scrambling to analyze a newly discovered piece of data-wiping malware found in the wild.
This is a developing story and will be updated as it evolves.
That's the sound of the first shoe dropping — or the first bit of destructive malware, anyway: Researchers at ESET today reported their discovery of new data-wiping malware on hundreds of systems in Ukraine that in at least one case infiltrated the victim's Microsoft Active Directory server. The reports came as the US government has continued its crescendo of warnings to US organizations to prepare for major cyberattacks out of Russia amid its potential invasion of Ukraine and possible retaliation for US economic sanctions on Russia.
"The wiper abuses legitimate drivers from the EaseUS Partition Master software in order to corrupt data. As a final step the wiper [reboots the] computer," ESET said in a tweet. The EaseUS Partition Master is a disk management tool.
"The Wiper binary is signed using a code signing certificate issued to Hermetica Digital Ltd," according to ESET.
The attack may have been in the works for two months, according to time-stamp information on one of the samples. ESET said the wiper follows DDoS attacks on multiple Ukrainian websites today.