Mystery solved in destructive attack that knocked out >10k Viasat modems

 In Biz & IT, modems, russia, Russian invasion of Ukraine, viasat, wipers
Mystery solved in destructive attack that knocked out >10k Viasat modems
Serving the Technologist for more than a decade. IT news, reviews, and analysis.
Satellite dish with a private residence and a gray sky in the background.

Enlarge / A Viasat Internet satellite dish in the yard of a house in Madison, Virginia. (credit: Getty Images)

Viasat—the high-speed-satellite-broadband provider whose modems were knocked out in Ukraine and other parts of Europe earlier in March—confirmed a theory by third-party researchers that new wiper malware with possible ties to the Russian government was responsible for the attack.

In a report published Thursday, researchers at SentinelOne said they uncovered the new modem wiper and named it AcidRain. The researchers said AcidRain shared multiple technical similarities to parts of VPNFilter, a piece of malware that infected more than 500,000 home and small-office modems in the US. Multiple US government agencies—first the FBI and later organizations including the National Security Agency—all attributed the modem malware to Russian state threat actors.

Enter ukrop

SentinelOne researchers Juan Andres Guerrero-Saade and Max van Amerongen posited that AcidRain was used in a cyberattack that sabotaged thousands of modems used by Viasat customers. Among the clues they found was the name “ukrop” for one of AcidRain’s source binaries.

Read 14 remaining paragraphs | Comments

AcidRain is the seventh wiper associated with the Russian invasion of Ukraine.

Recent Posts
Contact Us

We're not around right now. But you can send us an email and we'll get back to you, asap.

Not readable? Change text. captcha txt