image credit: Pexels

Sandworm APT group hit Ukrainian news agency with five data wipers

January 30, 2023

On January 17, 2023, the Telegram channel “CyberArmyofRussia_Reborn” reported the compromise of the systems at the Ukrainian National Information Agency “Ukrinform”.

The Ukrainian Computer Emergency Response Team (CERT-UA) immediately investigated the claims and as of January 27, 2023, found five samples of data wipers:

  • CaddyWiper (Windows)
  • ZeroWipe (Windows)
  • SDelete (Windows)
  • AwfulShred (Linux)
  • BidSwipe (FreeBSD)

“As of January 27, 2023, 5 samples of malicious programs (scripts) were detected functionality of which is aimed at violating the integrity and availability of information (writing files/disks with zero bytes/arbitrary data and their subsequent deletion)” reads the report published by the CERT-UA.

Read More on Security Affairs