Slovakia-based cybersecurity firm ESET have have discovered a new type of destructive wiper malware affecting computers in Ukraine, making it at least the third strain of wiper to have hit Ukrainian systems since the Russian invasion began.
According to the researchers, the malware erases user data and partitions information from any drives attached to a compromised machine. Sample code shared on Twitter suggests the malware corrupts files on the machine by overwriting them with null byte characters, making them unrecoverable.
#BREAKING #ESETresearch warns about the discovery of a 3rd destructive wiper deployed in Ukraine 🇺🇦. We first observed this new malware we call #CaddyWiper today around 9h38 UTC. 1/7 pic.twitter.com/gVzzlT6AzN
— ESET research (@ESETresearch) March 14, 2022
ESET research has previously uncovered two other strains of wiper malware targeting computers in Ukraine.
Wiper programs share some similarities with ransomware in terms of their ability to access and modify files on a compromised system, but unlike ransomware — which encrypts data on a disk until a release fee is paid to attackers — wipers permanently delete disk data and give no way to recover it. This means the objective of the malware is purely to cause damage to the target rather than extract any financial reward for the attacker.
Bijay Pokharel
Related posts
Recent Posts
Subscribe
Cybersecurity Newsletter
You have Successfully Subscribed!
Sign up for cybersecurity newsletter and get latest news updates delivered straight to your inbox. You are also consenting to our Privacy Policy and Terms of Use.