A brand new cyberattack that seems to be focused at Ukraine and is designed to overwrite essential Home windows information has been noticed by safety agency ESET.

“On January 25th #ESETResearch found a brand new cyberattack in Ukraine. Attackers deployed a brand new wiper we named #SwiftSlicer utilizing Energetic Listing Group Coverage. The #SwiftSlicer wiper is written in Go programing language. We attribute this assault to #Sandworm,” a Tweet (opens in new tab) by the agency learn.

Also referred to as Unit 74455, Sandworm is allegedly a bunch of Russian cybermilitary hackers working for the Basic Employees Essential Intelligence Directorate (GRU). The group can be credited with numerous different assaults in Ukraine, together with a 2015 assault on the facility grid, although these claims are at present unsubstantiated.

TechRadar Professional wants you! (opens in new tab)
We need to construct a greater web site for our readers, and we want your assist! You are able to do your bit by filling out our survey (opens in new tab) and telling us your opinions and views in regards to the tech business in 2023. It is going to solely take a couple of minutes and all of your solutions will probably be nameless and confidential. Thanks once more for serving to us make TechRadar Professional even higher.

D. Athow, Managing Editor

Sandworm SwiftSlicer cyberattack

“As soon as executed it deletes shadow copies, recursively overwrites information situated in %CSIDL_SYSTEMpercentdrivers, %CSIDL_SYSTEM_DRIVEpercentWindowsNTDS and different non-system drives after which reboots pc,” ESET added in an additional tweet.

Go, the programming language that underpins the assault, is alleged to be valued by menace actors for its versatility (by way of Bleeping Pc (opens in new tab)), and is utilized by numerous real firms for authentic causes, together with Google, Twitter, and PayPal.

In line with Ukraine’s Pc Emergency Response Staff, Sandworm has been busy launching numerous different assaults within the nation, together with 5 data-wiping assaults on the Nationwide Information Company of Ukraine – Ukrinform.

One pressure discovered within the new company assault, CaddyWiper, has been noticed in numerous assaults on Ukraine, indicating a hyperlink again to Sandstorm.

If Sandstorm is certainly an arm of the Russian army, then it’s clear that the multifaceted battle is constant to wreak havoc on the lives of so many Ukrainian firms and residents.

• Right here’s one of the best endpoint safety software program and finest firewalls to advance your pc’s safety