Russia-Ukraine War: Ukrainian Devices Infested With Malware As Banks Suffer Cyberattacks

With the world wary of a third world war occasioned by the Russian-Ukraine conflicts, it appears the first point of call would be the internet. Ukraine already hit with casualties with the Putin-led offensive, has its banks and government agencies struck with disruptive cyberattacks for the second time in two weeks.  

Several banks and government institutions were last week hit with a denial-of-service attacks (DDoS), resulting in a knock down of their websites’ security and functionalities, it appears the attacks won’t abate soon if the latest reports are anything to go by.

Ukraine Minister of Digital Transformation, Mykhailo Fedorov has revealed that the latest DDoS on Wednesday has struck websites for several of the nation’s government agencies, including its Foreign Ministry and Security Service, and several large banks.  

Risks analysts with a cybersecurity firm, ESET also revealed that the country has additionally been struck by a harmful “wiper” malware, that is comparable, in kind, to one used in an assault on Ukrainian authorities’ companies in January. 

The ESET researchers in a tweet said that the malware which has reportedly been “installed on hundreds of machines in the country,” might be used to degrade knowledge on the units it has contaminated, a new source of worry for Ukranian authorities.

But the Ukranian authorities cannot ideally claim they  would not be aware of such attack as its officials has for a long time expected that cyber-attacks will pave the way, while going in synchronization with a Russian military incursion.  

Analysts posited that the activity was born out of Russia’s playbook of cyber operations with real-world aggression.  

The Research Labs of ESET also averred that that it has detected a previously unseen piece of data-wiping malware Wednesday on “hundreds of machines in the country.”  

ESET Research Chief, Jean-Ian Boutin surmised thus: 

“With regards whether the malware was successful in its wiping capability, we assume that this indeed was the case and affected machines were wiped”.

Even though Boutin fell short of specifying the identity of the targets, he said they were “large organizations.”

The technical director of Symantec Threat Intelligence (STI), says three organizations were hit by the wiper malware: Ukrainian government contractors in Latvia and Lithuania, and a financial institution in Ukraine, with the two being NATO members.  

“The attackers have gone after these targets without much caring for where they may be physically located,” he said.  

According to Thakur, all three targets had “close affiliation with the government of Ukraine,” adding that Symantec believed the attacks were “highly targeted.” Roughly 50 computers at the financial outfit were impacted, some with data wiped, he asserted.  

The United States Deputy National Security Advisor for Cyber, Anne Neuberger told the press that they have information indicating that “GRU infrastructure was seen transmitting high volumes of communication to Ukraine-based IP addresses and domains.”

The Russia-Ukraine war, setting the stage for a more encompassing global conflict, will have the cyberspace as one of its numerous casualties and it is on the aegis of this that Techbooky prays for a swift resolution to the animosity.