New Malware Strain Seen To Be Attacking Ukraine

Newly discovered data-destroying malware was observed yesterday in attacks targeting Ukrainian organizations and deleting data across systems on compromised networks. The Malware is called “CaddyWiper” and I have the string of Tweets from ESET Research providing the details:

CaddyWiper is the fourth data wiper malware deployed in attacks in Ukraine since the start of 2022 that I am aware of. That further confirms that cyber warfare is truly a thing. And organizations inside and outside Ukraine need to be prepared for more attacks as they are sure to come.

UPDATE: I have been provided some tips to protect yourself from Peter Stelzhamer, Co-Founder of AV-Comparatives on this:

“Use and keep your security software (i.e. anti-virus program) up to date and turned on. 

“Many users switch off their real-time protection to gain some speed, but safety should come before speed. We strongly recommend making sure that you use the latest version of the anti-virus software, and for that matter of any software that you are using on your computer. Newest versions come with improved and additional features to enhance software capability.

“Keep your firewall turned on

“Software based firewalls are widely recommended for single computers, while hardware firewalls are typically provided with routers for networks. Some operating systems provide native software firewalls (such as Windows OS). For Microsoft Windows home users we recommend using the firewall in its default settings.

“Always perform the updates of your OS

“If you use the Internet on your computer, then it is connected to the widest network there is – the World Wide Web. Since the WWW is a very dynamical space, operating systems permanently adapt to threats by releasing updates and patches that fix the eventual bugs, glitches or vulnerabilities that can prove to be exploited as security holes. Thus, it is very important to keep your OS up to date, as most new exploits are rendered inefficient by an updated system.

“Keep third party applications (like e.g. Java, Adobe Flash Player, Adobe Acrobat Reader, browsers, etc.) up to date

“Third party applications are programs written to work within operating systems but produced by individuals or companies other than the provider of the operating system. These can bebrowsers, e-mail clients, plugins (such as multimedia plugins for online streaming/gaming, or plugins for reading certain types of files). Since most of them are acting in the Internet environment, it is crucial that they always stay up to date and patched, because cyber-felons use vulnerabilities in older/unpatched versions to get the control of your system.

“Backup your files and software

“Backup is essential in case of data loss caused by malware attacks or malfunctions. Operating systems will attempt to recover system data through features such as System Recovery (Windows), but this procedure does not cover files or third-party software. Therefore, we recommend using one or more of the following backup methods:

  • Backup on a third-party device such as mobile hard drive, CD, USB storage device, flash drive, etc. These should be precisely labelled as to contents and date and stored securely. Three securely guarded generations of copies to the critical/important data (referred to as generational backup) are recommended: grandfather/father/son. You should take time to identify the important/critical data stored on your computer and proceed accordingly with the backup.
  • Backup on a remote location, on a verified secure server. You can do this directly or via network.
  • You should perform backups regularly (at least every three months as a rule or with every change you made, for critical data). Take the time to test the restoring process from the back-up copy. Even though you spend some time doing this, remember the alternative of losing all your data. Additionally, consider using an imaging software to make regular backup images of your system.”

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: