New Data-Wiping Malware Discovered on Systems in Ukraine
Researchers were scrambling to analyze a newly discovered piece of data-wiping malware found in the wild.
This is a developing story and will be updated as it evolves.
That's the sound of the first shoe dropping — or the first bit of destructive malware, anyway: Researchers at ESET today reported their discovery of new data-wiping malware on hundreds of systems in Ukraine that in at least one case infiltrated the victim's Microsoft Active Directory server. The reports came as the US government has continued its crescendo of warnings to US organizations to prepare for major cyberattacks out of Russia amid its potential invasion of Ukraine and possible retaliation for US economic sanctions on Russia.
"The wiper abuses legitimate drivers from the EaseUS Partition Master software in order to corrupt data. As a final step the wiper [reboots the] computer," ESET said in a tweet. The EaseUS Partition Master is a disk management tool.
"The Wiper binary is signed using a code signing certificate issued to Hermetica Digital Ltd," according to ESET.
The attack may have been in the works for two months, according to time-stamp information on one of the samples. ESET said the wiper follows DDoS attacks on multiple Ukrainian websites today.
About the Author
You May Also Like
A Cyber Pros' Guide to Navigating Emerging Privacy Regulation
Dec 10, 2024Identifying the Cybersecurity Metrics that Actually Matter
Dec 11, 2024The Current State of AI Adoption in Cybersecurity, Including its Opportunities
Dec 12, 2024Cybersecurity Day: How to Automate Security Analytics with AI and ML
Dec 17, 2024The Dirt on ROT Data
Dec 18, 2024