🇺🇦 SentinelOne Vs. Hermetic Wiper – A Destructive Malware Used In Cyber Attacks on Ukraine

On February 23rd, the threat intelligence community began observing a new wiper malware sample circulating in Ukrainian organizations. To read more, visit https://s1.ai/hermetic

Visit SentinelOne – Ukraine Crisis Response Center – https://www.sentinelone.com/lp/ukraine-response/

Our analysis shows it is a Wiper that is using a signed driver, that is deploying a wiper that arises Windows devices, after deleting shadow copies and manipulating MBR after rebooting.

This blog includes the technical details of the wiper, dubbed HermeticWiper, and includes IOCs to allow organizations to stay protected from this attack.

This sample is actively being used against Ukrainian organizations, and this blog will be updated with more information becomes available.

SentinelOne customers are protected from this threat, no action is needed.

#ransomware #cybersecurity #endpointprotection #endpointsecurity #infosec #SUGER #macos