Targeting of Ukrainian government and information technology (IT) sector systems with WhisperGate malware
Date of report
  • January 2022
The Russian Army’s Main Intelligence Directorate (the GRU) used WhisperGate wiper malware on Ukrainian systems on January 13, 2022. The wiper masqueraded as ransomware, offering victims the chance to decrypt their data for a fee, while in reality, the malware wiped the system. The wiper was found on systems throughout Ukraine, including the foreign ministry and networks used by the Ukrainian cabinet.
Suspected victims
  • Ukrainian government and IT sector systems
Suspected state sponsor
  • Russian Federation
Type of incident
  • Data destruction
Target category
  • Government
Victim government reaction
  • Unknown
Policy response