Stormsec

The Anatomy of Wiper Malware, Part 1: Common Techniques

A wiper is a type of malware with a single purpose: to erase user data beyond recovery. Wipers are used to destroy computer networks in public or private companies in sectors ranging from industrial to entertainment. Threat actors also use wipers to cover up traces left after an intrusion, weakening their victim’s ability to respond.




MALWARE FAMILIES: SQLShred, Ordinypt, StoneDrill - S0380, CaddyWiper - S0693, KillDisk - S0607, IsaacWiper, Apostle, WhisperGate - S0689, Meteor - S0688, Destover, Shamoon - S0140, ZeroCleare, IsraBye, Petya


ATT&CK IDS: T1471 - Data Encrypted for Impact, T1561.001 - Disk Content Wipe, T1561.002 - Disk Structure Wipe, T1485 - Data Destruction, T1070.004 - File Deletion, T1083 - File and Directory Discovery

