New PathWiper Malware Targets Critical Infrastructure to Deploy Admin Tools
gbhackers
Cisco Talos has uncovered a sophisticated and destructive cyberattack targeting a critical infrastructure entity in Ukraine, deploying a previously unknown wiper malware dubbed “PathWiper.”
This attack, attributed with high confidence to a Russia-nexus advanced persistent threat (APT) actor, showcases the persistent and evolving threat to Ukrainian critical infrastructure amid the ongoing Russia-Ukraine conflict.
The attackers exploited a legitimate endpoint administration framework, likely gaining access to the administrative console to issue malicious commands and deploy PathWiper across connected endpoints.
This approach demonstrates a deep understanding of the victim’s environment and the administrative tools used within it, highlighting the calculated and insidious nature of the campaign.
A Destructive Attack on Ukrainian Infrastructure
The tactics, techniques, and procedures (TTPs) observed in this attack, along with the wiper’s capabilities, bear striking similarities to previous destructive malware campaigns targeting Ukrainian entities, further solidifying the attribution to Russian-aligned threat ...
Copyright of this story solely belongs to gbhackers.