Data-wiping malware has become more prevalent amid the ongoing Russian invasion of Ukraine, with six strains reported during the first three months of 2022 alone, compared with only up to two strains observed since 2012, according to The Register
Ukrainian organizations have been attacked with the WhisperGate/WhisperKill, HermeticWiper, CaddyWiper, IsaacWiper, and DoupleZero wiper malware strains, while the AcidRain wiper malware has been leveraged to compromise Viasat's KA-SAT satellite service provider, a Fortinet report showed.
"Although these haven't been officially attributed to Russian state-sponsored threat actors, their goals align with the Russian military's. It is widely theorized that these cyberattacks are intentionally being launched in concert with the invasion," Fortinet researcher Gergely Revay wrote.
The report comes after the FBI and Cybersecurity and Infrastructure Security Agency provided updated indicators of compromise for WhisperGate, as well as other wipers targeted at Ukraine.
"Further disruptive cyberattacks against organizations in Ukraine are likely to occur and may unintentionally spill over to organizations in other countries," the advisory warned.