ウクライナの組織を狙う破壊型マルウェア CaddyWiper について ESET が報告
ESET researchers have uncovered yet another destructive data wiper that was used in attacks against organizations in Ukraine.
Dubbed CaddyWiper by ESET analysts, the malware was first detected at 11.38 a.m. local time (9.38 a.m. UTC) on Monday. The wiper, which destroys user data and partition information from attached drives, was spotted on several dozen systems in a limited number of organizations. It is detected by ESET products as Win32/KillDisk.NCX.
CaddyWiper bears no major code similarities to either HermeticWiper
, the other two new data wipers that have struck organizations in Ukraine since February 23rd.
Much like with HermeticWiper, however, there’s evidence to suggest that the bad actors behind CaddyWiper infiltrated the target’s network before unleashing the wiper.