Mystery solved in destructive attack that knocked out >10k Viasat modems
Enlarge / A Viasat Internet satellite dish in the yard of a house in Madison, Virginia. (credit: Getty Images)
Viasat-the high-speed-satellite-broadband provider whose modems were knocked out in Ukraine and other parts of Europe earlier in March-confirmed a theory by third-party researchers that new wiper malware with possible ties to the Russian government was responsible for the attack.
In a report published Thursday, researchers at SentinelOne said they uncovered the new modem wiper and named it AcidRain. The researchers said AcidRain shared multiple technical similarities to parts of VPNFilter, a piece of malware that infected more than 500,000 home and small-office modems in the US. Multiple US government agencies-first the FBI and later organizations including the National Security Agency-all attributed the modem malware to Russian state threat actors.
Enter ukropSentinelOne researchers Juan Andres Guerrero-Saade and Max van Amerongen posited that AcidRain was used in a cyberattack that sabotaged thousands of modems used by Viasat customers. Among the clues they found was the name "ukrop" for one of AcidRain's source binaries.
Read 14 remaining paragraphs | Comments