Researchers from cybersecurity firm ESET have discovered another malware that erases data (called wiper) used in attacks against organizations in Ukraine. baptized as shopping cart wiperO malware was first detected at 11:38 a.m. last Monday (14). O wiperwhich erases user data and information from attached drives, has been detected on multiple systems in a limited number of organizations.
Wiper attacks even before the invasion
Attacks on Ukrainian organizations with malware the wipers started even before the Russian army invaded the country. Ukraine’s organ systems have been infected with these viruses which erase all data written on the system. But this new malwareO shopping cart wiperhas no significant similarities in code to the HermeticWiper or IsaacWiperthe two others windscreen wipers which have been affecting organizations in Ukraine since February 23 this year, the day before the start of the war. However, as in the case of HermeticWiper, there is evidence to suggest that cybercriminals behind CaddyWiper infiltrated victims’ networks before spreading the malware.
A new wiper every week
This is the third time in recent weeks that new malware has been detected wiping data and targeting organizations in Ukraine. On the eve of the Russian invasion of Ukraine, the Hermetic in the networks of several leading Ukrainian organizations. Attacks with this wiper also took advantage of the HermeticWizarda Earthworm custom used to spread HermeticWiper within local networks, and HermeticRansom, a ransomware used as bait. The next day, a second destructive attack against a Ukrainian government network began, this time with the goal of deploying IsaacWiper.
First wiper detected in January
Continue after ad
Earlier this year, when the invasion of Ukraine sounded like a Kremlin dictatorship bluff, another data wiper, called WhisperGate, erased the networks of several organizations in the country. All of these campaigns are just the latest in a long series of cyberattacks that have hit high-profile Ukrainian targets over the past eight years. Since 2014, when Russia annexed Crimea, Ukraine has been the target of a series of highly destructive cyberattacks, including the NotPetya attack which penetrated the networks of several Ukrainian companies in June 2017 before spreading to other countries.
Thinking of buying a product online? Discover the Save the Connected World extension for Google Chrome. It’s free and provides you with department store price comparisons and coupons so you can always buy at the best price. Download now.