It is likely that the hackers gained access to the victims' networks in advance.
ESET experts have discovered the CaddyWiper virus, which deletes data from Ukrainians' computers. According to the company's Twitter, this is the third malware detected in Ukraine since the Russian invasion .
According to experts, the virus was found in several dozen systems in a limited number of organizations. The software erases user data and partition information from connected disks.
Read also: Ukrainian hackers merged correspondence between a FSB officer and a pro-Russian activist from Kherson
#BREAKING #ESETresearch warns about the discovery of a 3rd destructive wiper deployed in Ukraine 🇺🇦. We first observed this new malware we call #CaddyWiper today around 9h38 UTC. 1/7 pic.twitter.com/gVzzlT6AzN
– ESET research (@ESETresearch) March 14, 2022
ESET also believes that the attackers gained access to the victims' networks in advance, as the virus is deployed through a “Group Policy object”. Interestingly, malware does not delete information on servers that control domains. It is likely that in this way hackers retain control over the company's servers, while interfering with their work.
Experts note that CaddyWiper does not share data with HermeticWiper, IsaacWiper or any other virus that has been known so far. At the same time, the first two viruses were developed a few months before Russia's invasion of Ukraine, and CaddyWiper – on the day of deployment.
The Verge notes that cleaner programs such as CaddyWiper are somewhat similar to ransomware in their ability to access and modify data in a hijacked system. However, unlike extortionists, who encrypt data until intruders receive a ransom, purifiers completely delete it. That is, the purpose of malware is solely to harm the target, not to obtain any reward for the developer.
While Russian hackers are attacking Ukraine, hackers from all over the world have sided with our country. They have already managed to hack the websites of Russian government agencies, Russian media, TV channels and banks.
See special topic: In Berdyansk, the landing ship “Saratov” was destroyed, not “Orsk” – the General Staff of the APU Previously published information about the destruction of the landing ship “Orsk” was not confirmed. Ukrainian military destroys strategic objects of the occupiers in our cities – British intelligence This tactic demoralizes the enemy and allows to distract from attempts to attack. Ukraine will not have to make territorial concessions – Biden Our country must decide such issues, but the US president does not believe in such compromises. Ukraine needs 1,000 missiles every day for the Javelin and Stinger-CNN complexes, as well as jets, combat helicopters and S-300 systems. 4 more hero cities have appeared in Ukraine . Medical workers and community leaders were also awarded.