Recently, the well-known American cybersecurity company Symantec and ESET discovered a new piece of malware called HermeticWiper (also known as KillDisk.ncv), which has caused serious damage to Ukrainian networks. Shortly afterwards, the Russian army officially launched a full-scale military operation against Ukraine.
HermeticWiper is malware that deliberately destroys data on a device, making the data unrecoverable and leaving the operating system inoperable. It has been deployed on hundreds of devices on Ukrainian networks.
Although the cyberattacks occurred on the morning of February 24, the malware was compiled on December 28, 2021, indicating that the attacks may have been planned for nearly two months.
ESET said on Twitter: “The malware binary is signed with a code-signing certificate issued to Hermetica Digital Ltd. It uses a legitimate driver from the EaseUS Partition Master software to destroy data. As the last step, the malware also restarts the computer.”
Following the WhisperGate operation in January, this is Russia’s second such operation against Ukrainian network systems.
Wiper attacks hit several Ukrainian government and banking institutions on Wednesday, which triggered the third “large-scale” distributed denial-of-service (DDoS) attack, knocking the Ministry of Foreign Affairs and several other online portals offline.
Last week, Ukraine's two largest banks, PrivatBank and Oschadbank, along with the Ukrainian Ministry of Defense and the Armed Forces, suffered outages caused by DDoS attacks from unknown actors. This prompted the British and US governments to point to Russia's Main Intelligence Directorate (GRU). The Kremlin denied the allegation.
A DDoS attack floods its target with large volumes of junk traffic, making the targeted website inaccessible. A follow-up analysis by CERT-UA on February 15 found that these incidents were carried out from infected MikroTik routers and other Internet of Things devices using botnets such as Mirai and Mēris.
In addition, the information systems of Ukrainian state institutions faced as many as 121 cyberattacks in January 2022, but the attacks did not succeed.
Moreover, according to a report released earlier this week, cybercriminals on the dark web are looking to profit by advertising databases and network access containing information about Ukrainian citizens and critical infrastructure organizations on RaidForums and other marketplaces, in the “hope of getting high profits”.
Since the beginning of this year, Ukrainian law enforcement authorities have characterized these destructive malicious cyber activities as an effort to spread anxiety, undermine citizens’ confidence in the state's security capabilities, and erode national unity.
The Security Service of Ukraine (SSU) said on February 14: “Ukraine is facing the systematic spreading of panic, and other countries are attempting to spread false information and distortion. All these factors are mixed together, but it is only a larger hybrid war.”