ESET Helps identify and prevent Industroyer2 from shutting off power to 2 million people in Ukraine

ESET researchers working with Microsoft and Ukraine’s cybersecurity team were able to identify and prevent Industroyer2 from shutting off power to 2 million people.

Key points:

 

• ESET researchers collaborated with CERT-UA to analyze the attack against the Ukrainian energy company
• The destructive actions were scheduled for 2022-04-08 but artifacts suggest that the attack had been planned for at least two weeks
• The attack used ICS-capable malware and regular disk wipers for Windows, Linux and Solaris operating systems
• We assess with high confidence that the attackers used a new version of the Industroyer malware, which was used in 2016 to cut power in Ukraine
• We assess with high confidence that the APT group Sandworm is responsible for this new attack

Read more on ESET’s Blog HERE