ESET discovers third wiper malware in Ukraine – Computer – News

Security researchers at ESET have found a new wiper malware targeting Ukrainian systems. The company calls it CaddyWiper. The code would not match previous wipers, but the company provides little further details about how it works.

ESET say that it discovered the malware on Monday morning. It is a wiper malware. It removes user and partition data from infected systems. ESET says the malware hit several dozen systems of “a limited number of organizations” in Ukraine.

ESET does not provide further details about the malware. The researchers say that the malware does not destroy data stored on domain controllers stands. This is probably planned so that the attackers can further spread the malware from Active Directory. ESET says there are indications for that too. The malware is said to have been in the company’s network for a long time.

CaddyWiper is the third similar malware that ESET has discovered in recent weeks in Ukraine, a country where ESET is active above average. On February 23, the day before Russia invaded Ukraine, the first wiper malware discovered† A week later, ESET . discovered a second kind† The company does not attribute to the wipers and does not want to identify possible perpetrators. It is therefore not possible to say with certainty whether the malware originates from Russia or is related to the war. The malware’s code bears no resemblance to the previously discovered wipers, according to ESET. ESET does see similarities in how the attackers had been in the victims’ network for a long time.

–