Professional Documents
Culture Documents
computers in Ukraine, making it at least the third strain of wiper to have hit
Ukrainian systems since the Russian invasion began.
According to the researchers, the malware erases user data and partition
information from any drives attached to a compromised machine. Sample code
shared on Twitter suggests the malware corrupts files on the machine by
overwriting them with null byte characters, making them unrecoverable.
“We know that if the wiper works, it will effectively render the system useless,”
Jean-Ian Boutin, head of threat research at ESET, told The Verge. “However, it
is unclear at this point what is the overall impact of this attack.”
So far, the number of cases in the wild appears to be small, and ESET’s research
had observed one organization being targeted with CaddyWiper, Boutin said.