28
Nov
According to ESET, the most recent cyberattacks have common indicators with attacks launched by Sandworm previously, including the use of PowerShell to distribute ransomware that is “almost identical to the one seen last April during the Industroyer2 attacks against the energy sector.” PowerShell, also known as PowerGap by Ukrainian cyber authorities, was used to introduce the CaddyWiper malware against Ukrainian infrastructure in April 2022, shortly after the Russian invasion.
https://cybernews.com/news/sandworm-spawns-monstrous-offspring/
https://thehackernews.com/2022/11/russia-based-ransomboggs-ransomware.html
