Malware Wiper

Malware Profile Updated 3 months ago
A malware wiper is malicious software designed to delete all files on the infected system, causing significant damage and losses. This type of malware has been increasingly used in targeted attacks over the past year.

Notably, the Russia-affiliated advanced persistent threat (APT) group Sandworm has used multiple strains of malware wiper to attack Ukrainian entities. These attacks have been ongoing throughout Russia's war on Ukraine, which is nearing its one-year mark. The discovery of new malware wiper strains being used by Sandworm highlights the evolving nature of this cyber warfare.

In addition to the attacks on Ukraine, another strain of malware wiper known as BiBi-Linux has been identified. This new malware is being used to destroy data in attacks specifically targeting Linux systems owned by Israeli companies. The emergence of BiBi-Linux underscores the global reach of these threats and the need for robust cybersecurity measures across different operating systems and geographical locations.

The Russian attack on satellite communications, details of which were revealed at Black Hat, was a multi-pronged assault that included not only the Acid Rain malware wiper but also a server flood at Viasat that quickly overwhelmed its networks. An executive from Viasat and an NSA official disclosed this information, further emphasizing the complexity and sophistication of these cyberattacks.

Malware wipers have become a favored tool for cybercriminals and state-sponsored actors, necessitating increased vigilance and stronger defenses against such threats.
Possible Aliases / Cluster overlaps
It's hard to track cluster overlaps and naming conventions between vendors, so here are some possible overlapping names / profiles you also may want to look at.
| ID | Votes | Profile Description |
|---|---|---|
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Ukraine
Wiper
Apt
Malware
Linux
Associated Malware
| ID | Type | Votes | Profile Description |
|---|---|---|---|
| Bibi | Unspecified | 1 | BiBi is a potent malware that has been deployed by a Pro-Hamas hacktivist group against Israeli targets. It's particularly destructive as it's designed to wipe data from the systems it infiltrates, causing direct damage and disruption. The use of this custom BiBi wiper in their operations underscore |
Associated Threat Actors
| ID | Type | Votes | Profile Description |
|---|---|---|---|
| Sandworm | Unspecified | 1 | Sandworm, a threat actor linked to Russia, has been implicated in numerous high-profile cyber attacks. This group's activities have primarily targeted Ukraine, compromising the country's critical infrastructure and telecommunications providers. The Sandworm group is known for its fileless attack met |
Associated Vulnerabilities
| ID | Type | Votes | Profile Description |
|---|---|---|---|
No associations to display
Source Document References
Information about the Malware Wiper malware was read from the documents in the corpus below. This display is limited to 20 results.
| Source | Created At | Title |
|---|---|---|
| CERT-EU | 9 months ago | New BiBi-Linux wiper malware targets Israeli orgs in destructive attacks |
| CERT-EU | a year ago | How a hacking crew overtook a satellite from inside a Las Vegas convention center and won $50,000 |
| CERT-EU | a year ago | The Week in Security: Russia takes aim at Ukraine with Sandworm, the truth about Russia's top search engine |