NikoWiper Targeted a Ukrainian Energy Company
Category: Russia & Ukraine | Industry: Global | Level: Strategic | Source: ESET
Destructive data wipers have been heavily utilized by Russian threat actors in cyberattack attacks against Ukraine. NikoWiper is one of the latest wipers to be revealed by ESET researchers and was deployed against a Ukrainian energy company in October 2022. NikoWiper is assessed to be used by Sandworm and is based on the Windows' SDelete command-line utility. The timing of Russian cyberattacks has often coincided with kinetic strikes, displaying a potential for coordinated efforts on both fronts. NikoWiper's deployment against the energy company was observed by ESET to have happened "around the same period that the Russian armed forces targeted Ukrainian energy infrastructure with missile strikes. Even if we were unable to demonstrate any coordination between those events, it suggests that both Sandworm and the Russian armed forces have the same objectives." The list of data wipers utilized against Ukraine continues to grow, as the revelation of NikoWiper comes after ESET announced the discovery of the SwiftSlicer data wiper which is also attributed to Sandworm.