Hackers use this nasty malware to destroy Windows files

0
39

Cybersecurity researchers have identified a new malware allegedly targeting Ukraine. The malware, discovered by cybersecurity firm ESET, aims to overwrite files used by Microsoft’s Windows operating system. The security researchers blamed a group called “Sandworm” for the attack, which has repeatedly been accused of cyberattacks. The hacking team allegedly deployed a new wiper called SwiftSlicer using Active Directory Group Policy. Once executed, SwiftSlicer will delete shadow copies, overwrite files on the system and non-system drives one by one, and then restart the computer.

security company ESET recently discovered a cyber attack targeting Ukraine. The attack was attributed sandworm and took place on January 25th. The team is allegedly one of the hacking groups of the Russian Main Directorate of the General Staff of the Armed Forces of the Russian Federation (aka GRU) and is often accused of carrying it out cyber attacks. The new malware is written in the Go programming language.

“Attackers used Active Directory Group Policy to deploy a new wiper called #SwiftSlicer. The #SwiftSlicer wiper is written in the Go programming language. We attribute this attack to #Sandworm,” ESET uncovered via twitter.

ESET researchers to explain that the SwiftSlicer wiper deletes shadow copies on the Windows system after execution. The malware then recursively (one by one) overwrites multiple files located in system drivers as well as non-system drives and then reboots the computer. According to ESET, a 4096-byte block filled with randomly generated bytes is used for overwriting.

According to Ukraine’s Computer Emergency Response Team (CERT-UA), Russia’s Sandworm has carried out five swipe attacks on Ukraine’s National News Agency – Ukrinform.

In a consultation, CERT-UA states that it detected CaddyWiper, ZeroWipe, SDelete, AwfulShred and BidSwipe wiper variants installed on the news agency’s systems. Of these, the first three targeted Windows systems, while AwfulShred and BidSwipe targeted Linux and FreeBSD systems at Ukrinform. The attack was only partially successful and did not affect the news agency’s operations.


Affiliate links can be generated automatically – see ours Ethics Statement for details.

For the latest tech news and reviewsfollow Gadgets 360 on Twitter, Facebookand Google news. For the latest gadget and tech videos, subscribe to ours Youtube channel.


EV market in India set to surpass 1 billion annual sales and create 5 billion jobs by 2030: business survey

Selected video of the day

Tecno Phantom X2 5G First Impression: Quirky design and great specs

LEAVE A REPLY

Please enter your comment!
Please enter your name here