Kiev, March 15: Cyber-security researchers have discovered a new destructive wiper malware that is affecting computer systems in Ukraine, and erases user data and partition information from any drives attached to a compromised machine.
Slovakia-based cybersecurity firm ESET found the new malware, making it at least the third strain of wiper to have hit the Ukrainian systems since the Russian invasion started.
“ESET research warns about the discovery of a 3rd destructive wiper deployed in Ukraine,” the firm tweeted late on Monday.
“ESET telemetry shows that it was seen on a few dozen systems in a limited number of organisations,” it added.
Interestingly, ‘CaddyWiper’ avoids destroying data on domain controllers.
“This is probably a way for the attackers to keep their access inside the organisation while still disturbing operations,” the researchers informed.
ESET researchers previously found two other strains of wiper malware targeting computers in Ukraine.
The Ukrainian government’s cyber-security authority said recently that its cyber defences are repelling most hacking attacks, adding that the cyber-war with Russia was unprecedented.
Since the Russian invasion began, the country has launched an “IT army of Ukraine”, which has been carrying out cyber attacks on Russian targets.
The cyber war between Russia and Ukraine has intensified, with Russia using a new destructive malware to permanently destroy data on systems belonging to Ukrainian organisations.
Russia’s invasion of Ukraine has led to hacking groups increasing their activities globally.