Swiftslicer

Malware updated 6 months ago (2024-05-04T17:19:15.124Z)
SwiftSlicer is a new wiper malware, written in Go, that was detected by security researchers on January 25th, 2023. This malicious software was designed to overwrite crucial files used by the Windows operating system, thereby causing significant disruption and damage to infected systems. The malware was discovered being deployed against Ukrainian local government entities, indicating a targeted attack strategy.

The discovery of SwiftSlicer was announced by the ESET research team, who also attributed the creation and deployment of this wiper to Sandworm, also known as Hades. Sandworm is a notorious group known for its cyber-attacks and sophisticated malware. The attribution of SwiftSlicer to this group underscores the severity of the threat posed by this new malware.

In the following weeks, further analysis of SwiftSlicer revealed its destructive capabilities. Designed to destroy Windows domains, it overwrites essential system files leading to significant operational disruptions. The emergence of SwiftSlicer highlights the evolving nature of cybersecurity threats and underscores the importance of robust security measures, particularly for government entities and other high-risk organizations.
Description last updated: 2024-05-04T16:57:34.647Z
Aliases
We are not currently tracking any aliases
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Wiper
Eset
Associated Threat Actors
| Alias | Description | Association Type | Votes |
| --- | --- | --- | --- |
| Sandworm | The Sandworm Threat Actor is associated with Swiftslicer. Sandworm, a threat actor believed to be linked to Russia, has been identified as one of the most active groups supporting Russian military activities in Ukraine. Notorious for its sophisticated cyber-attacks, Sandworm has compromised 11 Ukrainian telecommunications providers, significantly disruptin… | Unspecified | 3 |
| Hades | The Hades Threat Actor is associated with Swiftslicer. Hades is a significant threat actor that has been active in the cybersecurity landscape, particularly associated with ransomware attacks. The group uses distinctive tactics and infrastructure, as noted by CTU researchers in June 2021. Hades ransomware operators have been observed using Advanced Port… | Unspecified | 2 |
Source Document References
Information about the Swiftslicer Malware was read from the documents corpus below.