Express Computer

Developing threat updates: MuddyWater, HermeticWiper and Cyclops target Ukraine amid Crisis


By Securonix Threat Research team

Securonix Threat Labs has been continuously monitoring threats targeting and leveraging the crisis in Ukraine in recent weeks and has seen a significant increase in cyberthreats. MuddyWater, HermeticWiper and Sandworm are actively being used to launch cyberattacks, including DDoS attacks targeting financial institutions, cyber espionage campaigns and infrastructure.

MuddyWater Targets Organisations Worldwide

(Originally Published on: February 24, 2022)

Authorities from the US and UK have released a detailed advisory about the recent cyber espionage campaign of MuddyWater, which is allegedly state-sponsored by Iran and works in the interests of MOIS. In the current campaign, the group has mainly been targeting government and private organisations in industries including telecom, defense, and oil and gas, located in Asia, Africa, Europe, and North America. This time it has come up with a variety of malware, including PowGoop, Small Sieve, Mori and POWERSTATS, and has used its preferred threat vector, spear phishing: targeted victims are coaxed into downloading ZIP files containing either an Excel file with a malicious macro that communicates with the actor's C2 server or a PDF file that drops a malicious file onto the victim's network.

HermeticWiper Malware Targets Ukraine

(Originally Published on: February 23, 2022)

On the evening of February 23, 2022, the State Service of Special Communication and Information Protection of Ukraine declared that a number of government and banking institutions had undergone a massive DDoS attack. Soon after this announcement, the ESET Research team discovered a new data wiper malware (Win32/KillDisk.NCV) that attacked the Ukraine-wide computer network with the objective of destroying data and causing business disruption. Initial analysis of the data wiper malware suggests that it is an executable file signed with a likely stolen certificate issued to the Cyprus-based company Hermetica Digital Ltd. Hence, the researchers named the malware 'HermeticWiper'.

Sandworm From Russia Uses Cyclops Blink Malware

(Originally Published on: February 23, 2022)

Authorities from the US and UK have come across a new strain of malware dubbed Cyclops Blink, which is said to be a replacement for the infamous VPNFilter malware that created havoc by infecting half a million routers a few years back. This malware has been attributed to a famous APT group called Sandworm, which is formally connected to Russia's GRU unit and was associated with a major power outage in Ukraine in 2015. Cyclops Blink has been deployed since 2019 and has already been infecting the WatchGuard Firebox, manufactured by the Seattle-based firm WatchGuard, and is possibly infecting SOHO routers too.
