The Russia-affiliated Sandworm used yet another wiper malware strain dubbed NikoWiper as part of an attack that took place in October 2022 targeting an energy sector company in Ukraine.
“The NikoWiper is based on SDelete, a command line utility from Microsoft that is used for securely deleting files,” cybersecurity company ESET revealed in its latest APT Activity Report shared with The Hacker News.
The Slovak cybersecurity firm said the attacks coincided with missile strikes orchestrated by the Russian armed forces aimed at the Ukrainian energy infrastructure, suggesting overlaps in objectives.
The disclosure comes merely days after ESET attributed Sandworm to a Golang-based data wiper dubbed SwiftSlicer that was deployed against an unnamed Ukrainian entity on January 25, 2023.
The advanced persistent threat (APT) group linked to Russia’s foreign military intelligence agency GRU has also been implicated in a partially…
