An intensifying wave of hacks aimed at Ukraine where new destructive software was found circulating and hit hundreds of computers.
- Researchers at a cybersecurity firm reported that a data-wiping software had been installed on hundreds of machines in Ukraine.
- The attack was likely to have been in the works for the past couple of months.
- The infection has spread widely across Ukraine and Latvia.
An intensifying wave of hacks aimed at Ukraine where new destructive software was found circulating and hit hundreds of computers.
In a series of statements posted to Twitter, the company stated that the data wiping program had been "installed on hundreds of machines in the country," an attack it said had likely been in the works for the past couple of months.
Vikram Thakur of cybersecurity firm Symantec, which is looking into the attack, told Reuters that infections had spread widely.
“We see activity across Ukraine and Latvia,” Thakur mentioned. A Symantec spokesperson later added Lithuania.
It is unclear who is responsible for the wiper, though suspicion quickly fell on Russia, which has often been accused of launching data-scrambling hacks towards Ukraine and different international locations. Russia has denied the allegations.
As Russia has swarmed troops around Ukraine's borders, it has already been hit by hackers in the past few weeks.
Cybersecurity experts are speeding to pick apart the malicious program, a copy of which was uploaded to the Alphabet-owned crowdsourced cybersecurity site VirusTotal, to see what its features were.
Researchers found that the wiping software seemed to have been digitally signed with a certificate issued to Hermetica Digital Ltd, an obscure Cypriot company. As operating systems use code-signing as an initial check on software, such a certificate might have been designed to help the rogue program dodge anti-virus protections. Getting such a certificate under false pretences – or stealing it – isn’t impossible, but it’s generally the sign of a “sophisticated and targeted" operator, said Brian Kime, a vice president at U.S. cybersecurity firm ZeroFox.
On Wednesday the websites of Ukraine’s government, foreign ministry and state security service were down in what the government said was the beginning of another denial of service (DDoS) attack.
“At about 4 pm, another mass DDoS attack on our state began. We have relevant data from a number of banks," said Mykhailo Fedorov, Minister of Digital Transformation, adding that the parliament website was also hit.
He did not reveal which banks were impacted and the central bank could not immediately be reached for comment.
Ukraine’s data protection watchdog said in a statement that hacks were on the upswing.
“Phishing attacks on public authorities and critical infrastructure, the spread of malicious software, as well as attempts to penetrate private and public sector networks and further destructive actions have intensified," it said in an email.
For the latest cyber threats and the latest hacking news please follow us on Facebook, Linkedin, and Twitter.
You may be interested in reading: How to Survive the COVID Time Cyber Security Threats?