
New Malware Uncovered Amidst The Russian/Ukraine Crisis

March 16, 2022




Cyber security experts have recently uncovered a new variant of computer-disabling malware, which has been used to devastate Ukrainian governmental and financial targets in connection with Russia's offensive engagement.

The Ukrainian financial sector and local Ukrainian government are currently on high alert for impending attacks of a similar nature. Cyber-security specialists in the field have long asserted that Russia would launch a cyber-attack in combination with its efforts to proceed. The emergence of a "wiper malware" that devastated Ukrainian websites weeks before ensured there would be more cyber-attacks to come. The wiper malware, once deployed, performs a DDoS, or Distributed Denial of Service, attack that begins to render websites useless, i.e. unable to scroll, failing to load required components, or failing to load altogether. A DDoS attack hits the target with a torrent-like overflow of information requests.

Cybrella Cyber-Security researchers explained DDoS attacks in an efficient way:

Think of a DDoS like this: endpoint a) is a doorway at the end of a hall, and endpoint b) is another door at the other end of the hall. Think of data as people traversing from one door, down the hall, and through the other. When normal traffic flow is retained, everyone is walking to their destination in a neat and orderly fashion. When a DDoS occurs, the number of people in the hallway increases until neither door a) nor door b) is accessible to any one person in the hall.

On Thursday, 2/24/2022, online forums and chat rooms became ablaze with pleas to the worldwide cyber security community for aid against Russian cyber-attacks. Chatter arose in those chat rooms and forums about securing help with conducting cyber-security recon or spying on the opposing Russian forces. On Wednesday, a Slovakia-based cyber-security firm named ESET came forward with information, stating it had discovered the data-wiping malware on hundreds of infected machines located within Ukraine. ESET explained how large corporate entities had been affected, whereas Symantec's threat intelligence team discussed the negative impact on Ukrainian government contractors in Latvia and Lithuania and on one financial institution within Ukraine. Symantec is labeling the malware "HermeticWiper". The wiper renders computers inoperable by disabling rebooting. A similar attack, NotPetya, was deployed in 2017 and is worth referencing. The NotPetya attack devastated Ukrainian businesses and permanently encrypted affected machines, and it in turn spread to surrounding countries. This attack caused $10bn in damages worldwide.

The "HermeticWiper" as it's currently being dubbed, does not appear to be self-propagating, whereas "NotPetya" was able to spread. Further attacks, however, could be different as noted by Alexi Drew, a senior analyst at RAND Europe, a research institute. 

DDoS attacks deployed ahead of the military offensive served the purpose of causing confusion. In a DDoS attack, websites are subjected to a barrage of abnormal requests for information and become unreachable. The targets affected on Wednesday included the Ukrainian defense ministry and PrivatBank, Ukraine’s largest commercial bank. Dr. Lennart Maschmeyer at the Center for Security Studies at the Swiss university ETH Zurich said Russia’s cyber strategy so far seemed more improvised.


The Guardian
