New Cyber Threat HermeticWiper Targets Ukrainian Govt Websites
A new cyber threat, HermeticWiper, has emerged, targeting Ukrainian government websites and systems. This data wiper, discovered in February 2022, is believed to have originated in Israel and is linked to the Russia-Ukraine conflict.
HermeticWiper, a 115kbs malware, comes packed with drivers and uses a code-signing certificate issued to 'Hermetica Digital Ltd.' to bypass anti-virus protections. It gains sensitive privileges and stops crucial Windows services during execution. The malware has been found in Latvia and Lithuania, aside from Ukraine.
The attack begins with exploits or distributed denial-of-service attacks to facilitate malware deployment. Once in, HermeticWiper aims to destroy the master boot record (MBR) of a system, shredding data and rendering the system essentially unusable. Hundreds of Ukrainian government websites have been targeted, causing significant disruption.
HermeticWiper, originating during the Russia-Ukraine war, has caused substantial damage to Ukrainian government systems. With its sophisticated tactics and destructive intent, it underscores the evolving nature of cyber threats in conflict zones. Further investigation is ongoing to mitigate its impact and prevent future attacks.
