13 Dec
Detecting a wiper such as this is very difficult because of its polymorphic nature and its time-based logic trigger. It is critical for companies to maintain backups and to test recovery from those backups frequently, to help protect against the damage caused by a wiper like this. Further, companies should analyze infected machines to try to identify when the initial infection occurred, so that they can either restore from a non-infected backup or know where to look when cleaning up infected backups.
https://thehackernews.com/2022/12/cybersecurity-experts-uncover-inner.html
Pulling the Curtains on Azov Ransomware: Not a Skidsware but Polymorphic Wiper

