Whisperkill

Malware updated 3 days ago (2024-11-21T11:32:08.631Z)

Download STIX

Preview STIX

WhisperKill, also known as ShadyLook, is a destructive malware downloaded by another malicious software called WhisperGate (or PayWipe). As part of the broader family of wiper malware that includes DoubleZero, HermeticWiper, IsaacWiper, WhisperGate, CaddyWiper, and AcidRain, it is designed to exploit and damage computer systems. The primary function of WhisperKill is to destroy files with specific extensions, thereby disrupting operations and potentially causing significant data loss. The emergence of WhisperKill was first noted in mid-January 2022, when a series of disruptive and destructive cyber-attacks began. These attacks were characterized by the use of wiper malware, including WhisperGate and its affiliate, WhisperKill. The attacks were particularly notable for their severity and the breadth of their impact. They were part of a larger wave of cyber warfare incidents that raised global concerns about cybersecurity and the potential for significant disruption to critical infrastructure and services. These cyber-attacks primarily targeted Ukraine, marking a significant escalation in the ongoing Russia-Ukraine conflict. The deployment of WhisperKill and other similar malware has underscored the prominent role of cyber warfare in this geopolitical dispute. In response to these attacks, cybersecurity researchers and professionals have been working tirelessly to understand the mechanisms of these malware, develop effective countermeasures, and enhance overall system security to prevent future attacks.

Description last updated: 2024-11-21T10:46:15.108Z

What's your take? (Question 1 of 2)

Help tune the shared Cybergeist dataset, assist your peers, and earn karma. Expand the panel to get started.

Possible Aliases / Cluster overlaps

It's hard to track cluster overlaps and naming conventions between vendors, so here are some possible overlapping names / profiles you also may want to look at. Create a free account to see the source evidence for each alias, and help fix any errors.

Alias Description	Votes
WhisperGate is a possible alias for Whisperkill. WhisperGate is a malicious software (malware) deployed by Unit 29155 cyber actors, known for their extensive use of this malware, particularly against Ukraine. The malware corrupts a system's master boot record, displays a fake ransomware note, and encrypts files based on specific file extensions. T	3

Miscellaneous Associations

Other elements of context that could aid in the identification of relevance

Wiper

Malware

Analyst Notes & Discussion

Be the first to leave your mark here! Log in to share your views and vote.

Source Document References

Information about the Whisperkill Malware was read from the documents corpus below. This display is limited to 20 results, create a free account to see more

Source Link	CreatedAt	Title
CISA	3 months ago	Russian Military Cyber Actors Target US and Global Critical Infrastructure
CERT-EU	a year ago	New BiBi-Linux wiper malware targets Israeli orgs in destructive attacks
InfoSecurity-magazine	2 years ago	Google Report Reveals Russia's Elaborate Cyber Strategy in Ukraine