AcidRain Malware Wipes Routers and Modems in Ukraine
A new data-wiping malware has been unleashed, and this time Ukraine is not its only target. While we have seen multiple wiper malware samples targeting Ukrainian systems in the past month, the one we are talking about today has a broader scope: the whole of Europe. The new threat, dubbed the AcidRain Malware, has managed to damage tens of thousands of devices all across Europe. Notably, the AcidRain Malware is not going after Windows machines, and it does not employ Master Boot Record (MBR) deletion techniques.
What Are the AcidRain Malware's Targets?
This malware is designed to operate on various routers and modems that are the backbone of major networks. In one of the campaigns, the AcidRain Malware was employed in an attack against Viasat modem software related to satellites.
Security experts suspect that supply-chain attacks might have delivered the malicious firmware carrying the AcidRain Malware. During the attack, the wiper fully deletes the data on the infected devices and then forces a reboot. Allegedly, the criminals do nothing else apart from this; pure destruction is their goal. This is not a surprise, considering that taking down major networks is an essential part of the ongoing cyber warfare between Russia and Ukraine. The number of data wipes targeting Ukraine continues to increase, and the expert criminals behind these attacks continue to employ a wide range of malware propagation tactics.