Russian advanced persistent threat group Sandworm targeted a Ukraine-based energy company with the NikoWiper wiper malware in an attack last October, which coincided with Russian missile strikes against Ukraine's energy infrastructure, The Hacker News
NikoWiper was based on Microsoft's SDelete command line utility for secure file deletions, which may have already been leveraged by Sandworm in at least two earlier attacks against Ukrainian entities, according to an ESET report. Such findings come only days after ESET associated the Golang-based wiper malware SwiftSlicer with Sandworm
Moreover, wiper malware attacks and other cyberattacks are expected to escalate amid the ongoing Russia-Ukraine war.
"Over the past year, we have seen waves of increased activity such as in the spring after the invasion, in the fall, and quieter months over the summer but overall there's been a nearly constant stream of attacks. So one thing that we can be sure about is that we will be seeing more cyberattacks," said ESET researcher Robert Lipovsky.