Malware, Threat Management

NikoWiper malware involved in Sandworm attack

Russian advanced persistent threat group Sandworm targeted a Ukraine-based energy company with the NikoWiper wiper malware in an attack last October, which coincided with Russian missile strikes against Ukraine's energy infrastructure, The Hacker News reports. NikoWiper was based on Microsoft's SDelete command line utility for secure file deletions, which may have already been leveraged by Sandworm in at least two earlier attacks against Ukrainian entities, according to an ESET report. Such findings come only days after ESET associated the Golang-based wiper malware SwiftSlicer with Sandworm. Moreover, wiper malware attacks and other cyberattacks are expected to escalate amid the ongoing Russia-Ukraine war. "Over the past year, we have seen waves of increased activity such as in the spring after the invasion, in the fall, and quieter months over the summer but overall there's been a nearly constant stream of attacks. So one thing that we can be sure about is that we will be seeing more cyberattacks," said ESET researcher Robert Lipovsky.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.