Date of report
- November 2022
Affiliations
Sandworm targeted Ukrainian local government networks in November 2022 with Caddywiper malware, which wipes most data on a system while preserving domain controllers. Researchers speculate this function allows Sandworm to maintain access inside networks after deploying Caddywiper.
Suspected victims
- Local government entities throughout Ukraine
Suspected state sponsor
- Russian Federation
Type of incident
- Data destruction
Target category
- Government