On June 27, reports of a rapidly spreading ransomware attack started to emerge from Ukraine. The speed at which critical infrastructure networks were shutting down pointed to a ransomware application with a wormable component, whose virality called to mind the WannaCry ransomware. In less than three hours, the infection crippled banks, ATMs, public transport and an airport, as well as utilities provider Kyivenergo. Then it spread outside the Ukraine. As multiple critical infrastructure networks reported major blackouts, Bitdefender started an internal investigation over isolated malware samples to trace the attack’s origin and better understand what it targeted, and how. Our initial assessment reveals…
[Continue Reading]