(ANSA) – ROME, APRIL 05 – Further details emerge on what was currently the most important and sophisticated cyber attack since the war in Ukraine and aimed at the ViaSat satellite network. Occurring close to February 24, the day of the Russian invasion, it interrupted the satellite internet service for tens of thousands of customers throughout Europe, including in Italy. The attack targeted modems intended to connect service to customers in Ukraine and other countries and knocked out some wind turbines in Germany.
According to security experts at SentinelLabs, the perpetrator of the attack is a new and dangerous malware called AcidRain, which has targeted routers and modems. And it is of the ‘wiper’ type, i.e. it deletes files and data.
SentinelLab researchers, whose investigations are still ongoing, have found several similarities between AcidRain’s mode of action and another attack in 2018 attributable to a well-known APT group (Sandworm) which reports directly to the Russian government, as stated by the same Fbi. AcidRain is the seventh wiper virus related to the Russian invasion of Ukraine.
The cyber attack on ViaSat disabled customers’ modems that interface with ViaSat’s KA-SAT satellite for their internet service. ViaSat is based in the US and works as a defense contractor for the US government, also has a contract with the Ukrainian police and military.
Ukrainian intelligence together with analysts from the US National Security Agency (NSA) and the French cybersecurity organization Anssi are investigating this attack on ViaSat. (HANDLE).
I have been working in the news industry for over 10 years now and I have worked for some of the biggest news websites in the world. My focus has always been on entertainment news, but I also cover a range of other topics. I am currently an author at Global happenings and I love writing about all things pop-culture related.