Ukraine Hit with New Golang-based 'SwiftSlicer' Wiper Malware in Latest Cyber Attack

silversurfer

Ukraine has come under a fresh cyber onslaught from Russia that involved the deployment of a previously undocumented Golang-based data wiper dubbed SwiftSlicer.

ESET attributed the attack to Sandworm, a nation-state group linked to Military Unit 74455 of the Main Intelligence Directorate of the General Staff of the Armed Forces of the Russian Federation (GRU).

"Once executed it deletes shadow copies, recursively overwrites files located in %CSIDL_SYSTEM%\drivers, %CSIDL_SYSTEM_DRIVE%\Windows\NTDS and other non-system drives and then reboots computer," ESET disclosed in a series of tweets.

The overwrites are achieved by using randomly generated byte sequences to fill 4,096 byte-length blocks. The intrusion was discovered on January 25, 2023, the Slovak cybersecurity company added.

 

vtqhtr413

Threat actors loyal to the Kremlin have stepped up attacks in support of its invasion of Ukraine, with denial-of-service attacks hitting German banks and other organizations and the unleashing of a new destructive data wiper on Ukraine.
Germany's BSI agency, which monitors cybersecurity in that country, said the attacks caused small outages but ultimately did little damage.
“Currently, some websites are not accessible,” the BSI said in a statement to news agencies. “There are currently no indications of direct effects on the respective service and, according to the BSI's assessment, these are not to be expected if the usual protective measures are taken.”
 