Russian threat actors continue targeting Ukraine’s critical infrastructure with destructive malware, including new variants like PathWiper. These attacks are linked to persistent APT groups such as Sandworm and GRU, highlighting ongoing cyber warfare in the region. #Sandworm #GRU
Keypoints
- Russian threat actors have consistently targeted Ukraine’s critical infrastructure with destructive malware since 2022.
- New malware, PathWiper, shares similarities with HermeticWiper, associated with the APT group Sandworm and GRU.
- The attacks often involve the use of legitimate endpoint tools to execute malicious commands and deploy wipers.
- PathWiper targets key system artifacts like the MBR and NTFS-related files to corrupt data and disable systems.
- Ukraine’s mobile network Kyivstar and other critical infrastructure organizations remain primary targets of these cyberattacks.
Views: 19