Dubbed WhisperGate, the malware is a wiper that was used in cyberattacks against website domains owned by the country’s government. The spate of attacks led to the defacement of at least 70 websites and a further 10 subject to “unauthorized interference,” according to the Security Service of Ukraine, State Special Service and Cyber Police. The wave of attacks was made public on January 14. Websites impacted included the Ukrainian Foreign Ministry, the Ministry of Education and Science, and various state services. The defacement and reported compromise of at least two government systems come at a time when there appears to be a growing threat of invasion by Russia into Ukraine, despite the country denying any such plans. The UK has recently pulled a number of UK embassy staff out of Kyiv in response. Microsoft has published an analysis of WhisperGate, which was discovered on January 13. In a follow-up, Cisco Talos said it was likely that stolen credentials provided the access point for the deployment of the wiper.
About the Author
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.
