DynoWiper update: Technical analysis and attribution
In this blog post, we provide more technical details related to our previous DynoWiper publication.
Key points of the report:
- ESET researchers identified new data-wiping malware that we have named DynoWiper, used against an energy company in Poland.
- The tactics, techniques, and procedures (TTPs) observed during the DynoWiper incident closely resemble those seen earlier this year in an incident involving the ZOV wiper in Ukraine: Z, O, and V are Russian military symbols.
- We attribute DynoWiper to Sandworm with medium confidence, in contrast to the ZOV wiper, which we attribute to Sandworm with high confidence.
Sandworm profile
Sandworm is a Russia-aligned threat group that performs destructive attacks. It is mostly known for its…
