Whisperkill

Malware updated a month ago (2024-11-29T14:53:44.779Z)
Download STIX
Preview STIX
WhisperKill, also known as ShadyLook, is a destructive malware downloaded by another malicious software called WhisperGate (or PayWipe). As part of the broader family of wiper malware that includes DoubleZero, HermeticWiper, IsaacWiper, WhisperGate, CaddyWiper, and AcidRain, it is designed to exploit and damage computer systems. The primary function of WhisperKill is to destroy files with specific extensions, thereby disrupting operations and potentially causing significant data loss. The emergence of WhisperKill was first noted in mid-January 2022, when a series of disruptive and destructive cyber-attacks began. These attacks were characterized by the use of wiper malware, including WhisperGate and its affiliate, WhisperKill. The attacks were particularly notable for their severity and the breadth of their impact. They were part of a larger wave of cyber warfare incidents that raised global concerns about cybersecurity and the potential for significant disruption to critical infrastructure and services. These cyber-attacks primarily targeted Ukraine, marking a significant escalation in the ongoing Russia-Ukraine conflict. The deployment of WhisperKill and other similar malware has underscored the prominent role of cyber warfare in this geopolitical dispute. In response to these attacks, cybersecurity researchers and professionals have been working tirelessly to understand the mechanisms of these malware, develop effective countermeasures, and enhance overall system security to prevent future attacks.
Description last updated: 2024-11-21T10:46:15.108Z
What's your take? (Question 1 of 2)
Help tune the shared Cybergeist dataset, assist your peers, and earn karma. Expand the panel to get started.
Possible Aliases / Cluster overlaps
It's hard to track cluster overlaps and naming conventions between vendors, so here are some possible overlapping names / profiles you also may want to look at. Create a free account to see the source evidence for each alias, and help fix any errors.
Alias DescriptionVotes
WhisperGate is a possible alias for Whisperkill. WhisperGate is a malicious software (malware) deployed by Unit 29155 cyber actors, known for their extensive use of this malware, particularly against Ukraine. The malware corrupts a system's master boot record, displays a fake ransomware note, and encrypts files based on specific file extensions. T
3
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Wiper
Malware
Analyst Notes & Discussion
Be the first to leave your mark here! Log in to share your views and vote.
Source Document References
Information about the Whisperkill Malware was read from the documents corpus below. This display is limited to 20 results, create a free account to see more