a dangerous malware was discovered on January 23, 2022 infecting hundreds of computer systems in Ukrainejust hours after Russia confirmed the advance of its troops, initiating an invasion of Ukrainian territory.
ESET Research, a computer security company, gave notice of the discovery of this computer virus, which began to spread throughout Ukraine on February 23, 2022. Also, This comes after a DDoS attack will also begin on several important websites in the country..
This malware is designed to enter and destroy all information within the computer systembut not only that, but also disable all the components of the computers where it has access.
Symantec, another digital security company, also confirmed the progress of this malware, which coincided with the beginning of the Russian attack. Likewise, it was insisted that it was detected that most of the attacked PCs belong to the financial, aviation and information technology services sectors.
For now, This malware has been named HermeticWiper and is known to interfere with the Windows boot systemthus it becomes unable to launch the operating system, gaining access to storage systems and deleting all data after that.
According to the Symantec report, this attack could have been prepared as part of Russia’s actions. to be able to invade Ukraine and dismantle crucial equipment in the defense and communication organization of the country, either to respond to the attack or share reports to the population in an effective and concrete way.
Also, it was found that the group of hackers responsible for this attack infiltrated the Ukrainian government networkusing a user credential access window in Microsoft Exchange Server, which requires the human factor to work properly.
This is not the first time that Ukrainian computer systems and networks have been attacked in recent weeks. One of them was recognized by Microsoft, which warned the attacked organizations to review their security protocolsas copies of the operating system could be at risk.
Although for now no hacker group has claimed the attack, Symantec strongly believes that it could be Russian intelligence groupswhich in the past have already been accused of carrying out cyber attacks on other governments.
Don’t forget to comment on the TierraGamer’s social networks or join our Discord server to continue the conversation.