Swiftslicer

Malware Profile Updated 3 months ago
SwiftSlicer is a new wiper malware, written in Go, that was detected by security researchers on January 25th, 2023. This malicious software was designed to overwrite crucial files used by the Windows operating system, thereby causing significant disruption and damage to infected systems. The malware was discovered being deployed against Ukrainian local government entities, indicating a targeted attack strategy.

The discovery of SwiftSlicer was announced by the ESET research team, who also attributed the creation and deployment of this wiper to Sandworm, also known as Hades. Sandworm is a notorious group known for its cyber-attacks and sophisticated malware. The attribution of SwiftSlicer to this group underscores the severity of the threat posed by this new malware.

In the following weeks, further analysis of SwiftSlicer revealed its destructive capabilities. Designed to destroy Windows domains, it overwrites essential system files, leading to significant operational disruptions. The emergence of SwiftSlicer highlights the evolving nature of cybersecurity threats and underscores the importance of robust security measures, particularly for government entities and other high-risk organizations.
Possible Aliases / Cluster overlaps
It's hard to track cluster overlaps and naming conventions between vendors, so here are some possible overlapping names / profiles you also may want to look at.
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Wiper
Eset
Ukraine
Windows
Malware
Associated Malware
No associations to display
Associated Threat Actors
ID | Type | Votes | Profile Description
Sandworm | Unspecified | 3 | Sandworm, a threat actor linked to Russia, has been identified as a significant cybersecurity risk. Known for its sophisticated and malicious activities, Sandworm has notably compromised 11 Ukrainian telecommunications providers, disrupting services and posing a substantial threat to the digital inf
Hades | Unspecified | 2 | Hades is a notable threat actor, known for its distinctive tactics and infrastructure in executing cyber attacks. The cybersecurity industry first observed Hades' operations in June 2021, with its activities marked by the use of advanced tools such as Advanced Port Scanner, MegaSync, Rclone, and Mal
Associated Vulnerabilities
ID | Type | Votes | Profile Description
Sandworm's Wiper | Unspecified | 1 | None
Swiftslicer Wiper | Unspecified | 1 | None
Source Document References
Information about the Swiftslicer Malware was read from the documents corpus below.
Source | Created At | Title
CERT-EU | 8 months ago | Advanced threat predictions for 2024 – GIXtools
ESET | a year ago | A year of wiper attacks in Ukraine | WeLiveSecurity
Securityaffairs | a year ago | Google TAG warns of Russia-linked APT groups targeting Ukraine
CSO Online | a year ago | APT groups use ransomware TTPs as cover for intelligence gathering and sabotage
CERT-EU | a year ago | Viewing the profile for Ionut Ilascu
Securelist | 8 months ago | Kaspersky Security Bulletin: APT predictions 2024
CERT-EU | a year ago | Russian Sandworm APT expands its arsenal with yet another wiper