Ukraine is reportedly being targeted by a new-data wiping malware amid a physical attack on three sides by Russian armed forces. Researchers at cybersecurity companies ESET and Symantec found that hundreds of machines spanning several organizations in Ukraine were infected with a wiper called HermeticWiper on Wednesday. The cyberattack took place just hours after the country’s government and banking websites were taken offline due to a series of aggressive denial-of-service attacks that have been attributed to Russia. Researchers found evidence that the cyberattack was pre-meditated.
Although the wiper was detected on Wednesday evening, the timestamp shows that it was compiled on December 28, meaning that the attack may have been planned out over the span of several weeks. In at least one case, the threat actor had access to a victim’s network before deploying the malware, according to researchers. The new strain of malware abuses legitimate drivers from popular disk management software in order to corrupt and destroy data.
Read More: Ukraine Attacked with Wiper Malware