ESET specialists discovered the CaddyWiper virus, which deletes data from the computers of Ukrainians. According to the company's Twitter, this is the third malware detected in Ukraine since the start of the Russian invasion..
According to experts, the virus was found in several dozen systems in a limited number of organizations.. The software erases user data and partition information from connected drives.
[see_also ids\u003d"
#BREAKING #ESETresearch warns about the discovery of a 3rd destructive wiper deployed in Ukraine? We first observed this new malware we call #CaddyWiper today around 9h38 UTC. 1/7pic. twitter. com/gVzzlT6AzN.
— ESET research (@ESETresearch) March 14, 2022.
ESET also believes that attackers gained access to the networks of victims in advance, since the virus is deployed through a " Interestingly, malware does not delete information on servers that control domains.. It is likely that in this way hackers retain control over the company's servers, while interfering with their work..
Experts note that CaddyWiper does not communicate with HermeticWiper, IsaacWiper or any other virus that was known at the moment. At the same time, the first two viruses were developed a few months before the Russian invasion of Ukraine, and CaddyWiper - on the day of deployment.
The Verge notes that cleaners such as CaddyWiper are a bit like ransomware in terms of their ability to access and modify data on a compromised system..
However, unlike ransomware, which encrypts data until the attackers receive a ransom, purifiers completely delete them.. That is, the purpose of the malware is solely to cause damage to the target, and not to receive any reward for the developer..
While Russian hackers are attacking Ukraine, hackers from all over the world have come out on the side of our country. They have already managed to hack the websites of Russian government agencies, Russian media, TV channels and banks.