• by Ray Schultz , February 25, 2022

Dangerous new malware has been traced to a Russian hacking group during the invasion of Ukraine.

A Russian state-backed group called Sandworm is deploying a new form of malware identified as Cyclops Blink, according to joint research published by the UK’s National Cyber Security Centre and U.S. agencies that include the National Security Agency, The Guardian reports. 

Cyclops Blink “targets firewall devices made by the manufacturer Watchguard to protect computers against hacks," the report says.

The agencies point out that the malware does appear to be not connected to the invasion of Ukraine. But they remain concerned, given the cyber attacks directed at Ukraine. 

Sandworm was blamed for the 2017 NotPetya attack on Ukraine, The Guardian adds. 

“In light of the crisis in Ukraine we are very concerned about this actor, who has surpassed all others we track in terms of the aggressive cyber-attacks and information operations they have conducted,” says John Hultquist, vice-president at Mandiant Threat Intelligence, according to The Guardian. “No other Russian actor has been so brazen and successful."

In a separate development, MobileMonkey CEO Larry Kim has sent an email urging marketers to join the firm in “boycotting all Russian goods and services, to help destroy the Ruble and thereby exert pressure to change course, or bring about economic collapse of this rogue state.”

Kim also says he is “asking if you'll stand with me and 4 of our MobileMonkey team members," who he said are still in Ukraine today and "facing an uncertain future.”