A year into Russia's war, it's now clear Ukraine was hit with more kinds of data-destroying code in 2022 than anywhere, ever.
“In terms of the sheer number of distinct wiper malware samples, this is the most intense use of wipers in all computer history.”
@thegrugq Quantity over quality? 🫤🤷♂️
The BBC article today about the invasion has the same vibe too it.
The "planning" was even worse that we might have suspected 🫤🤦♂️
@simonzerafa @agreenberg there are interesting things about the operators which sort of impacts what operations they do.
But there is also a serious lack of interest in cyber by the Russian military command. They have a war to fight, and they don’t see why they should waste their time talking to nerds in the rear.
The excessive burn in the first week destroyed basically their entire stockpile, particularly of access. They spent months rebuilding their access only to start burning it all again in October.
This will be in my dissertation, but unfortunately that wont be done for many months. (I should be writing!)
@thegrugq @simonzerafa @agreenberg those are some strong assertions re:RU command, as well as overall burn (esp in light of subsequent disclosure of #INCONTROLLER / #PIPEDREAM and other items that will be public soon).
I prefer "shit's hard, go after what's weak/easy":
@jfslowik @thegrugq @agreenberg
I suspect that all sorts of plans and projects are underway. A lot of investigation and documentation might take place once Russia is defeated.
@jfslowik @thegrugq @agreenberg
An interesting article on Wiper Attacks over the last 12 months in Ukraine.
https://www.welivesecurity.com/2023/02/24/year-wiper-attacks-ukraine/
@jfslowik @thegrugq @agreenberg @VirusBulletin
Thanks! 😀
Summaries and lighter articles are useful but the devil is often in the details.
Andy Greenberg
Simon Zerafa
the grugq
Joe Słowik