All products
Russian State-Backed Hackers Launch Devastating Cyberattacks on Ukraine
The Russian state-controlled hacking group, Sandworm, has been wreaking havoc on Ukraine’s digital landscape with a series of destructive cyberattacks, according to recent research. This notorious group is known for its ruthless and advanced tactics, which have been employed in the ongoing conflict between Russia and Ukraine.
In April, Sandworm targeted a Ukrainian university with two types of malware known as wipers, designed to permanently destroy sensitive data and often the infrastructure that stores it. The first wiper, tracked as Sting, targeted Windows computers by scheduling a task with a name derived from Russian slang, “DavaniGulyashaSdeshka,” which roughly translates to “eat some goulash.” The second wiper is known as Zerlot. These findings were reported by researchers from ESET, who have been monitoring the activities of Sandworm and other advanced persistent threats (APTs).
Unconventional Targets
Furthermore, in June and September, Sandworm unleashed multiple wiper variants against critical infrastructure targets in Ukraine, including government, energy, and logistics organizations. While these targets have been in the crosshairs of Russian hackers for some time, a less common target emerged: organizations in Ukraine’s grain industry. As ESET noted, “Although all four have previously been documented as targets of wiper attacks at some point since 2022, the grain sector stands out as a not-so-frequent target.” This targeting likely reflects an attempt to weaken Ukraine’s war economy, given that grain export remains one of the country’s main sources of revenue.
History of Wiper Attacks
Wipers have been a favored tool of Russian hackers since at least 2012, with the spread of the NotPetya worm being a notable example. This self-replicating malware originally targeted Ukraine but eventually caused international chaos when it spread globally in a matter of hours, resulting in tens of billions of dollars in financial damages. The worm shut down thousands of organizations, many for days or weeks, highlighting the devastating potential of these types of attacks.
For more information on these developments and the ongoing cyberwarfare between Russia and Ukraine, ESET’s report provides in-depth analysis and insights. The situation continues to unfold, with new attacks and developments emerging regularly. To stay informed, visit Here for the latest updates and expert analysis.
Image Credit: arstechnica.com