After more than a decade, SentinelOne researchers weed out Dell vulnerabilities

Since 2009, vulnerabilities have lurked in Dell drivers that potentially affect hundreds of millions of machines, SentinelOne researchers said on Tuesday. Hackers could use the vulnerabilities to instigate a range of attacks, from ransomware to wipers that can erase hard drives, said J.A. Guerrero-Saade, principal threat researcher at the security firm. “They can basically do whatever they want,” Guerrero-Saade told CyberScoop. Dell released mitigation steps on Tuesday in advance of SentinelOne publishing its research. Those flaws sitting undiscovered for 12 years is not unheard of, despite a whole industry of security researchers dedicated to weeding out bugs that could abet cyberattacks. A 2017 study found that a quarter of zero-day vulnerabilities remain hidden for more than nine and a half years. In the case of the Dell flaws, Guerrero-Saade said their dormant nature reflects a “target-rich environment,” especially as it pertains to drivers that allow computers to communicate with hardware. […]

Ransomware hits two state-run organizations in the Middle East and North Africa

A strain of ransomware designed to disrupt computers’ booting processes hit government-run organizations in the Middle East and North Africa in July, researchers said Friday, in the latest example of data-wiping tools being aimed at key organizations in the region. The ransomware attacks used Thanos, a type of malware that surfaced earlier this year and has gained traction on underground forums, according to analysts at Palo Alto Networks. In an increasingly popular tactic among ransomware gangs, Thanos is sold “as a service” to other hackers interested in deploying it. That can make the attacks harder to trace, and allow users to develop their own custom features. The motives behind the attacks are mysterious. A hacker interested in getting paid typically doesn’t disrupt a machine to make it harder for a victim to hand over the ransom. Yet that’s exactly what the perpetrators of the July attacks attempted to do: Their […]

Beware of New Wiper Malware Distributed through Free Software / Crack Sites

A new piece of wiper malware is being distributed through warez sites, locking users out of their Windows computers after they unknowingly run the program. As reported by BleepingComputer’s Lawrence Abrams, the malware is apparently distributed t…

Iran-Backed APTs Collaborate on 3-Year ‘Fox Kitten’ Global Spy Campaign

APT34/OilRig and APT33/Elfin have established a highly developed and persistent infrastructure that could be converted to distribute destructive wiper malware.

Saudi cyber authority uncovers new data-wiping malware, and experts suspect Iran is behind it

Around the time that tensions between the U.S. and Iran started mounting last month, authorities in Saudi Arabia discovered a new variant of data-wiping malware that cybersecurity analysts suspect originated with Iranian hackers. The attackers deployed the malware against an unnamed target on Dec. 29 with “urgency,” rushing to execute their malware and in the process leaving clues behind on the victim network, according to a technical report from Saudi Arabia’s National Cybersecurity Authority (NCA) obtained by CyberScoop. “Signs of compromise of the network dating back a few months before destructive payload was detonated,” says the memo, which was distributed to cybersecurity specialists who protect critical infrastructure. While the advisory doesn’t identify the culprit suspected in the attack, it does suggest the work of state-sponsored hackers. Analysts familiar with the attack told CyberScoop that the activity bore technical similarities to previous hacking out of Iran. This advisory, first reported by Yahoo News, […]

ZeroCleare: New Iranian Data Wiper Malware Targeting Energy Sector

Cybersecurity researchers have uncovered a new, previously undiscovered destructive data-wiping malware that is being used by state-sponsored hackers in the wild to target energy and industrial organizations in the Middle East.

Dubbed ZeroCleare, the …

New Destructive Wiper ZeroCleare Targets Energy Sector in the Middle East

According to IBM X-Force research, the ZeroCleare wiper was used to execute a destructive attack that affected organizations in the energy and industrial sectors in the Middle East.

PyeongChang 2018 Winter Olympics Opening Ceremony Disrupted by Malware Attack

The Pyeongchang Winter Olympics taking place in South Korea was disrupted over the weekend following a malware attack before and during the opening ceremony on Friday.

The cyber attack coincided with 12 hours of downtime on the official website for th…