The U.S. and British governments have discovered new malware allegedly created by a hacker syndicate that is said to be backed by the Russian government.
The findings were published by the United Kingdom's National Cyber Security Centre and the United States' National Security Agency. They warned that a Russian hacker syndicate called Sandworm had developed new malware called Cyclops Blink.
Cyclops Blink is described as very sophisticated because it can attack firewall devices developed by WatchGuard to protect computers from hackers, The Guardian reported on Thursday (24/2/2022).
This sophisticated malware can withstand various defenses applied by the system, including a system reboot. Although the findings were published at a time when tensions between Russia and Ukraine were rising, the two agencies dismissed speculation that the report had anything to do with that situation.
However, a US cyber security company called Mandiant said that the findings were a reminder of the damage that could be caused by Sandworm, which is believed to be behind the NotPetya attack in Ukraine in 2017.
"No other Russian actor can be so successful in damaging critical infrastructure in Ukraine and elsewhere," said John Hultquist, VP at Mandiant Threat Intelligence, who 'praised' Sandworm as a very powerful and clever enemy.
Russian President Vladimir Putin has now begun military operations in Ukraine. In fact, however, Russia's cyber attack on Ukraine began some time ago.
"Russia did not suddenly decide to invade Ukraine this week. Military planners had prepared this campaign a year earlier," said Rick Holland, Chief Information Security Officer at cybersecurity company Digital Shadows.
The cyber attack campaign took the form of spreading hoaxes, DDoS attacks, and infiltrating data-intensive malware into various computer systems in Ukraine. All of that, according to Holland, is part of Russian military doctrine.
Earlier, it was reported that various Ukrainian bank and government sites had experienced mass DDoS attacks, which made the sites inaccessible.