Discover and read the best of Twitter Threads about #HermeticWiper

Most recents (7)

🇺🇦 #CYBER
Za měsíc války se UKR stala terčem bezprecedentního počtu destruktivních kyberútoků. Některým se podařilo zabránit, jiné pocítil i zbytek Evropy.
Pokusím se z otevřených zdrojů vypíchnout to nejdůležitější, co se od počátku invaze odehrálo v UKR kyberprostoru:🧵1/10
První závažný kyberútok zasáhl UKR ještě před invazí – už 13. ledna. Malware #WhisperGate se maskoval jako kriminální ransomware, který napadené systémy za poplatek odšifruje. Ve skutečnosti šlo o wiper - data nevratně mazal a ničil přístroje. 2/10
microsoft.com/security/blog/…
Bezprostředně před a po začátku RU invaze 24. února vypověděly službu UKR počítačové systémy napříč několika sektory, včetně vládního, finančního a leteckého. Na vině byly ničivé kyberútoky využívající dva různé wipery - #HermeticWiper a #IsaacWiper. 3/10
welivesecurity.com/2022/03/01/isa…
Read 10 tweets
#BREAKING #ESETresearch warns about the discovery of a 3rd destructive wiper deployed in Ukraine 🇺🇦. We first observed this new malware we call #CaddyWiper today around 9h38 UTC. 1/7 ImageImage
This new malware erases user data and partition information from attached drives. #ESET telemetry shows that it was seen on a few dozen systems in a limited number of organizations. 2/7
CaddyWiper does not share any significant code similarity with #HermeticWiper, #IsaacWiper or any other malware known to us. The sample we analyzed was not digitally signed. 3/7
Read 7 tweets
#WhisperGate #HermeticWiper, 2 noms différents mais la même finalité : 1e cyber arme
🚨TL;DR 1e vidéo pour montrer l'impact destructif et irréversible dirigée vers l'Ukraine depuis qlq temps et qui pourrait très vite se propager dans d'autres pays en Europe et notamment en France
➡️Depuis hier, de nombreuses équipes de #cybersécurité spécialisées en analyse et recherche de #malware, ont donné à la communauté des preuves d'une cyber-arme dirigée vers l'#Ukraine. Cette souche de ransomware est un Disk Wiper baptisé #HermeticWiper ou #WhisperGate.
Il daterait de fin décembre laissant entrevoir une préméditation quant à ce qui ce passe actuellement dans le conflit #Russie #Ukraine.
Read 8 tweets
Petit thread sur le nouveau wiper qui a touché l'UA hier que je vais alimenter toute la journée
Ca sera en Fr
This thread is about new wiper targeting Ukraine

I'll update today. Sorry but I write in french in the first time, if you have questions my DMs are opens
#HermeticWiper
premiere constatation, le loader qui cause avec le driver qui sont en ressources est totalement neuf, pas de code réused pour le moment.

le driver va s'occuper du bas niveau piloter par son loader, via les IOCTLs
le driver pour jouer avec le disque c'est EaseUS Partition Master de EaseUS.

c'est lui qui va casser le disque
Read 33 tweets
Notable point from ESET's thread about new data-wiping malware that it discovered on hundreds of computers in Ukraine today.
Symantec's Eric Chien tells me: "We are seeing the wiper across multiple organizations in different sectors in the Ukraine including finance and government organizations. The wiper uses a legitimate driver to gain low level hard disk access to wipe data."
Read 23 tweets
Breaking. #ESETResearch discovered a new data wiper malware used in Ukraine today. ESET telemetry shows that it was installed on hundreds of machines in the country. This follows the DDoS attacks against several Ukrainian websites earlier today 1/n
We observed the first sample today around 14h52 UTC / 16h52 local time. The PE compilation timestamp of one of the sample is 2021-12-28, suggesting that the attack might have been in preparation for almost two months. 2/n
The Wiper binary is signed using a code signing certificate issued to Hermetica Digital Ltd 3/n Image
Read 7 tweets
Pretty small piece of code, all things considered. Image
The file is digitally signed, presumably with a stolen certificate though I don't see other files signed with this yet. Image
Read 28 tweets

Related hashtags

Did Thread Reader help you today?

Support us! We are indie developers!


This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3.00/month or $30.00/year) and get exclusive features!

Become Premium

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!