CryWiper Malware is in Ukraine-Russia Deletes Data

Arstechnica Story from a few days ago (12/2)  CryWiper malware is destroying data in Ukraine and Russia Are we going to Cry when it comes to our shores?

Cry Baby Cry…

 

What does this mean? This malware has been worked on for years , which means this is the 4th or 5th version of  malware  first released in 2017. From story:

“In 2017, self-replicating malware dubbed NotPetya spread across the globe in a matter of hours and caused an estimated $10 billion in damage. In the past year, a flurry of new wipers appeared. They include DoubleZero, IsaacWiper, HermeticWiper, CaddyWiper, WhisperGate, AcidRain, Industroyer2, and RuRansom. “

“In many cases, wiper and ransomware incidents are caused by insufficient network security, and it is the strengthening of protection that should be paid attention to,” Friday’s Kaspersky report stated. “We assume that the number of cyberattacks, including those using wipers, will grow, largely due to the unstable situation in the world.”

What does this mean? I know that the company Kaspersky has ‘found’ this malware, and maybe we should not entirely trust them, which may be true… But we also need to be aware of the possible problems coming from that area of the world, since Russia is trying to defeat Ukraine they seem to have modified an old malware to delete data and not just create ransomware(to make you pay for getting your data back).

The Kaspersky report itself claims that only Russian targets ave been hit so far… The report states that this is a fake ransomware program, as it pretends to be ransomware but is actually deleting data files (it leaves operating system and many system files alone).

The definition of ta “Wiper” is a type of malware the purpose of which is to wipe or erase data from the hard drive.

Remember that in the arena of ideas a hacker can take this idea and use it in their plans of deviousness. It depends on the goals, and a side effect of attackers in a warzone would be the escalation of cyberattacks.

 

Contact us to discuss how you can prevent attacks from being successful.