Data-Wiping 'HermeticWiper' Malware Hits Windows Computers Amid Russian Ukraine Invasion

The Russian invasion of Ukraine has stirred relations across the globe among many countries for many reasons. Amid the Russian invasions into Ukraine with many looming uncertainties, the hackers also have embolized to leverage a data-wiping malware threat dubbed HermeticWiper that’s designed to erase Windows computers and corrupt the system so the operating system cannot be loaded. As you may guess, the data-wiping malware attacks have targeted computers in Ukraine thus far.

What is HermeticWiper?

HermeticWiper is a new destructive malware type, with a certificate reportedly belonging to Hermetica Digital Ltd., a Cyprus-based low-profile company, that's been found infecting hundreds of computers located in Ukraine. The HermeticWiper malware attacks are taking place as Russia invades Ukraine, which is thought to be part of a massive attack that coincides with the invasion. So far, as the Russian efforts for the invasion have progressed recently, hundreds of machines in several organizations across Ukraine have been hit. Moreover, it is assumed that the data on those affected machines have been destroyed, or “wiped” using the HermeticWiper threat.

Some computer security experts have seen where HermeticWiper corrupts a Windows computer’s master boot record, which is an essential part of telling the computer how to load the operating system. According to the SentinelOne IT security firm, HermeticWiper corrupts the system by leveraging drivers from a free partition application known as EaseUS Partition Master. Some experts believe that the attack using HermeticWiper has been in the works for some time now and the recent Ukrainian invasion has naturally progressed matters.

Could the Russian Invasion Lead to Future Cyberattacks?

What’s so alarming about the HermeticWiper malware attack on Ukraine is that other destructive malware could be on the way to further conduct cyberattacks against Ukraine and other countries in the region, as Russia moves on the invasion.

As far as who is behind the malware attacks, researchers have not uncovered any specific entities. However, there are many accusations to go around, as the US has accused Russian military intelligence of offering to creating malware that targets computers in Ukraine in the past.

As matters develop in Ukraine, we are sure to monitor and report new cyberattacks that may utilize threats like HermeticWiper to target Ukraine computers.