The attackers used a benign, digitally signed kernel driver to evade detection while utilizing the driver's ability to interact with storage devices and acquire low-level disk access for retrieving partition information, corrupting the device’s disks. HermeticWiper makes use of a driver belonging to an outdated version of EaseUS Partition Master application, developed by CHENGDU YIWO Tech Development. On February 23, one day before the larger Russian land invasion began, Ukrainian organizations were targeted by another destructive disk-wiping malware dubbed HermeticWiper designed to wipe a computer’s hard disk data and destroy the Master Boot Record and partitions, making any impacted machines inoperable. While the most publicized of these cyberattacks were the DDoS attacks, official government website take-downs, and website defacements, the most disruptive attack was a disk-wiping malware called WhisperGate which we covered in a previous post. Our Threat Research team noted various cyberattacks deployed by Russia in the weeks preceding the invasion aimed at sowing chaos and disrupting communications within Ukraine’s government and military institutions. Cyber warfare is happening in parallel to the armed conflict, becoming an inseperable part of the hostile exchanges between these nations. ![]() However, these hostilities were not limited to the physical domain. On February 24, the Russian-Ukrainian conflict escalated into an invasion of Ukraine by Russian armed forces.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |