Read Time:1 Minute, 36 Second

Once the software is infected, Hermetic Wiper destroys the files needed to boot the operating system, so devices no longer start.

Data-erasing malware has infected hundreds of computers in Ukraine amid Russia’s invasion.

The software was named Hermetic Wiper, or Win32/KillDisk.NCV. The virus not only erases files from the disk, but also destroys the Master boot record (MBR) – the code and data necessary for the subsequent boot of the operating system, as a result, startup and recovery become impossible.

Cybersecurity specialists said that the first sample of a computer virus was discovered on February 23 at 15:00 UTC (13:00 Kyiv time).  ESET believes that the attackers have been developing the code for the last two months.

“The telemetry shows that it (malware – ed.) was installed on hundreds of computers in the country,” the company said.  – “The event follows DDoS attacks on several Ukrainian sites this morning (February 23 – ed.).”

Experts have not yet been able to finally figure out how the software gets on the computers of Ukrainians and how it is launched.  In one case, the Active Directory server was compromised to spread a virus over the network through a group policy object – this is a set of rules or settings for the working environment

Symantec also announced the discovery of malware that destroys data in Ukraine. Malware infected computers in Latvia and Lithuania.

On February 24, Russia launched a military operation against Ukraine.  The first explosions thundered in Kiev and Kharkov, and Russian President Vladimir Putin announced the start of a military operation.

On February 23, hackers attacked the websites of the Verkhovna Rada, the Cabinet of Ministers, the Ministry of Foreign Affairs, the Security Service of Ukraine and Channel 24.  For a long time, users could not access these resources.  Later, the State Service for Special Communications reported that government sites successfully withstood a powerful DDoS attack.

About Post Author

Treadstone 71

@Treadstone71LLC Cyber intelligence, counterintelligence, Influence Operations, Cyber Operations, OSINT, Clandestine Cyber HUMINT, cyber intel and OSINT training and analysis, cyber psyops, strategic intelligence, Open-Source Intelligence collection, analytic writing, structured analytic techniques, Target Adversary Research, cyber counterintelligence, strategic intelligence analysis, estimative intelligence, forecasting intelligence, warning intelligence, threat intelligence
Happy
Happy
0 %
Sad
Sad
0 %
Excited
Excited
0 %
Sleepy
Sleepy
0 %
Angry
Angry
0 %
Surprise
Surprise
0 %
%d bloggers like this: