Nokoyawa Ransomware is a new malware but has strong similarities with Hive Ransomware. There attack chain, tools to penetrate and deploy and the order in which they execute various infection steps are similar.
CaddyWiper is the forth wiper detected that is targeting Ukraine infrastructure. It erases user data and partition information from attached drives.
Pandora Ransomware hits automotive spare parts manufacturing giant DENSO. Pandora targets corporate networks steals data for double extortion attacks. It is new ransomware actor so its tactics are unknown at this time.
RURansom Wiper is targeting Russian assets, which appear to be a direct retaliation of Russian invasion on Ukraine. The malware is written in .net and is using AES-CBC with hard coded salt.
DriveSlayer is another Wiper that is attacking Ukraine on Cyber front. It corrupts the Master Boot Record (MBR) and partition and file system of all available physical drives on Windows machines.
