Experts at ESET Research Labs discovered a new data wiper, named CaddyWiper, that was used in cyberattacks targeting Ukrainian organisations. According to the experts, the new wiper malware affects users by erasing user data and partition information from any drives attached to a machine that has been compromised. CaddyWiper, unlike previous viruses used against Ukraine, does not share any significant code similarity with HermeticWiper, IsaacWiper or any other known malware.
CaddyWiper avoids destroying data on domain controllers. Experts at ESET Research Labs concluded that it was ‘likely a way for the attackers to keep their access inside the organisation while still disturbing operations’.
Ukraine began using Clearview AI’s facial recognition services for free on March 12, claimed the company’s chief executive Hoan Ton-That in a letter seen by Reuters. Clearview AI claims to have a searchable database of 10 billion faces gathered from the internet, including over two billion images from the Russian social media platform Vkontakte.
Ton-That outlined a number of scenarios in which the technology could be useful in the letter, including: identifying infiltrators by matching their photo or ID card, identifying the dead without the use of fingerprints, combating misinformation, and family reunification by identifying people without paperwork.
Facebook owner Meta Platforms said it is tightening its content moderation policy for Ukraine to prohibit calls for the death of a head of state, according to Reuters. Following previous reports that Meta was temporarily allowing posts on Facebook and Instagram calling for the death of the Russian or Belarusian president, President of Meta Global Affairs Nick Clegg explained that the company will ‘make it explicitly clear in the guidance that it is never to be interpreted as condoning violence against Russians in general’.
The demand for tools to bypass Russia’s restriction of Meta Platforms’ social media platforms Facebook and Instagram has skyrocketed, a monitoring firm Top10VPN reported. According to their data, On the eve of the Instagram ban, demand for Virtual Private Networks (VPNs) that encrypt data and hide the user’s location spiked 2,088% higher than the average daily demand in mid-February.
The Ukrainian President called on US software firms Microsoft Corp and Oracle Corp, as well as German business software group SAP to stop providing services for their products in Russia. ‘Stop supporting your products in Russia, stop the war!’ Volodymyr Zelenskiy wrote on Twitter.
The Anonymous collective has reportedly attacked the German affiliate of the Russian oil company Rosneft and stolen 20 terabytes of data. A senior security official told DER SPIEGEL that the attackers penetrated deep into the systems and could have caused the control functions to crash. Rosneft has filed a criminal complaint with the Berlin State Criminal Police Office and reported the incident to the BSI, as it is obliged to do as a critical infrastructure company.
The US Embassy in Moscow has been handed a note over Meta Platforms conduct, informing that Russia will start a criminal case against Meta Platforms over Meta’s temporary change in policy, allowing Facebook and Instagram users to call for violence against Russian soldiers.
The US National Security Agency, the French government cybersecurity organisation ANSSI, and Ukrainian intelligence are reportedly investigating a cyberattack that disrupted broadband satellite internet access provided by the US telecoms firm Viasat on 24 February, the first day of the Russian invasion.
Viasat said that the disruption for European and Ukrainian customers was triggered by a ‘deliberate, isolated and external cyber event’ but has yet to provide a detailed, public explanation of what happened. Viasat’s spokesperson informed that ‘the network is stabilised and we are restoring service and activating terminals as quickly as possible.’
Meta Platforms, Facebook’s parent company, announced that it will temporarily allow posts containing improper content directed against Russian aggression, including calls for President Putin’s death. The changes in content policy are meant to allow Ukrainians to voice their discontent with the ongoing situation. Meta also confirmed that the temporary change will only be applied in Ukraine.
Russia’s telecoms watchdog Roskomnadzor will block Instagram on Russian territory from Monday, 14 March. The agency is giving Instagram users in Russia an additional 48-hour transfer period to move their photos and videos and notify their subscribers that they are quitting the social media platform.
