VERY IMPORTANT

On Thursday, February 24th, 2022, a cyber attack rendered Viasat KA-SAT modems inoperable in Ukraine. Spillover from this attack rendered 5,800 Enercon wind turbines in Germany unable to communicate for remote monitoring or control. Viasat’s statement on Wednesday, March 30th, 2022 provides a somewhat plausible but incomplete description of the attack. SentinelLabs researchers discovered new malware that they named ‘AcidRain’. AcidRain is an ELF MIPS malware designed to wipe modems and routers. They assess with medium-confidence that there are developmental similarities between AcidRain and a VPNFilter stage 3 destructive plugin. In 2018, the FBI and Department of Justice attributed the VPNFilter campaign to the Russian government AcidRain is the 7th wiper malware associated with the Russian invasion of Ukraine.