Experts at ESET Research Labs discovered a new data wiper, named CaddyWiper, that was used in cyberattacks targeting Ukrainian organisations. According to the experts, the new wiper malware affects users by erasing user data and partition information from any drives attached to a machine that has been compromised. CaddyWiper, unlike previous viruses used against Ukraine, does not share any significant code similarity with HermeticWiper, IsaacWiper or any other known malware.
CaddyWiper avoids destroying data on domain controllers. Experts at ESET Research Labs concluded that it was 'likely a way for the attackers to keep their access inside the organisation while still disturbing operations'.