A newly discovered piece of malware circulating in Ukraine has attacked hundreds of computers, according to researchers from cybersecurity firm ESET, part of what Ukrainian officials describe as a growing wave of attacks against the country.
The company said on Twitter that a data-wiping program had been installed on hundreds of machines in the country, an attack it said likely took place over the past few months.
Vikram Thakur of cybersecurity firm Symantec, which is also looking into the case, told Reuters the infection had spread outside of Ukraine.
“We see activity all over Ukraine and Latvia,” Thakur said. A Symantec spokesman later added Lithuania.
Who is responsible for this wiper remains unclear, although suspicion immediately falls on Russia, which has repeatedly been accused of launching data hacks against Ukraine and other countries. Russia has denied the allegations.
The victims in Ukraine included a government agency and a financial institution, according to three people who have researched the malware since it was released.
Juan-Andres Guerrero-Saade, a cybersecurity researcher at digital security firm SentinelOne, said the new cyberattack requires existing access to work, meaning those computer networks have already been violated.
“To drive this, they needed domain admins. They basically owned the entire business. Entire network. So they don’t have to do this. This is meant to damage, disable, signal and cause havoc,” Guerrero-Saade says.
The researchers found that the wiper appeared to have been digitally signed with a certificate issued to a little-known Cypriot company called Hermetica Digital Ltd.
Because the operating system uses code signing as an initial check on the software, such a certificate could have been intended to help a rogue program evade anti-virus protections. Brian Kime, vice president of US cybersecurity firm ZeroFox, said getting such a certificate under false pretenses, or stealing it, is not impossible, but it is generally a sign of a “sophisticated and targeted” operator.
Contact details for Hermetica, founded in the Cypriot capital Nicosia almost a year ago, were not immediately available. The company doesn’t appear to have a website.
Earlier, on Wednesday, the websites of the Ukrainian government, foreign ministry and state security service were down because of a denial of service (DDoS) attack, according to the Ukrainian government.
“At around 4pm, another mass DDoS attack against our state started. We have relevant data from several banks,” said Mykhailo Fedorov, Minister of Digital Transformation, adding that the parliamentary website was also hacked.
He did not say which banks were affected and the central bank could not be immediately reached for comment.
“Cyberspace is now simply a component of hybrid warfare,” said Guerrero-Saade.
Ukraine’s data protection watchdog says hacks are on the rise.
“Phishing attacks on public institutions and critical infrastructure, the spread of malware, as well as attempts to infiltrate private and public sector networks and other acts of vandalism have intensified,” it said in an email.
Last week, the online networks of the Ukrainian Ministry of Defense and two banks were overwhelmed in a separate break-in. The US company Netscout Systems Inc (NTCT.O) later said the extent of the impact was very modest.
U.S. Senate Intelligence Committee Chairman Mark Warner, speaking to Reuters before news of the leak became public, said the denial of service actions against Ukraine were still “falling short of what we have seen Russia can launch.”
Ukraine has suffered a series of digital attacks that Kyiv and others have blamed on Russia since 2014 when Moscow annexed Crimea and backed a separatist insurgency in eastern Ukraine. The Kremlin has denied any involvement.
https://nypost.com/2022/02/24/data-wiping-software-found-on-hundreds-of-ukraine-computers/ Software to delete data found on ‘hundreds’ of Ukrainian computers