The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) have issued retrospective clues to help intimidating hunters look for signs of WhisperGate and HermeticWiper, two malicious malware files seen in recent attacks on organizations in Ukraine.
Both families of malware are naturally harmless: they were designed to wipe the victim’s Master Boot Record (MBR) to render it.
The malware attack was made public in the weeks prior to the Russian invasion of Ukraine, but apparently it had been planned in advance. In both cases, the attackers were able to reach the threatened organizations months before the wipers were used.
Read More: Securityweek