Ransomware hits two state-run organizations in the Middle East and North Africa

A strain of ransomware designed to disrupt computers’ booting processes hit government-run organizations in the Middle East and North Africa in July, researchers said Friday, in the latest example of data-wiping tools being aimed at key organizations in the region. The ransomware attacks used Thanos, a type of malware that surfaced earlier this year and has gained traction on underground forums, according to analysts at Palo Alto Networks. In an increasingly popular tactic among ransomware gangs, Thanos is sold “as a service” to other hackers interested in deploying it. That can make the attacks harder to trace, and allow users to develop their own custom features. The motives behind the attacks are mysterious. A hacker interested in getting paid typically doesn’t disrupt a machine to make it harder for a victim to hand over the ransom. Yet that’s exactly what the perpetrators of the July attacks attempted to do: Their […]

The post Ransomware hits two state-run organizations in the Middle East and North Africa appeared first on CyberScoop.


Beware of New Wiper Malware Distributed through Free Software / Crack Sites

A new piece of wiper malware is being distributed through warez sites, locking users out of their Windows computers after they unknowingly run the program. As reported by BleepingComputer’s Lawrence Abrams, the malware is apparently distributed t…

Iran-Backed APTs Collaborate on 3-Year ‘Fox Kitten’ Global Spy Campaign

APT34/OilRig and APT33/Elfin have established a highly developed and persistent infrastructure that could be converted to distribute destructive wiper malware.

Saudi cyber authority uncovers new data-wiping malware, and experts suspect Iran is behind it

Around the time that tensions between the U.S. and Iran started mounting last month, authorities in Saudi Arabia discovered a new variant of data-wiping malware that cybersecurity analysts suspect originated with Iranian hackers. The attackers deployed the malware against an unnamed target on Dec. 29 with “urgency,” rushing to execute their malware and in the process leaving clues behind on the victim network, according to a technical report from Saudi Arabia’s National Cybersecurity Authority (NCA) obtained by CyberScoop. “Signs of compromise of the network dating back a few months before destructive payload was detonated,” says the memo, which was distributed to cybersecurity specialists who protect critical infrastructure. While the advisory doesn’t identify the culprit suspected in the attack, it does suggest the work of state-sponsored hackers. Analysts familiar with the attack told CyberScoop that the activity bore technical similarities to previous hacking out of Iran. This advisory, first reported by Yahoo News, […]

The post Saudi cyber authority uncovers new data-wiping malware, and experts suspect Iran is behind it appeared first on CyberScoop.


ZeroCleare: New Iranian Data Wiper Malware Targeting Energy Sector

Cybersecurity researchers have uncovered a new, previously undiscovered destructive data-wiping malware that is being used by state-sponsored hackers in the wild to target energy and industrial organizations in the Middle East.

Dubbed ZeroCleare, the …

New Destructive Wiper ZeroCleare Targets Energy Sector in the Middle East

According to IBM X-Force research, the ZeroCleare wiper was used to execute a destructive attack that affected organizations in the energy and industrial sectors in the Middle East.

The post New Destructive Wiper ZeroCleare Targets Energy Sector in the Middle East appeared first on Security Intelligence.


PyeongChang 2018 Winter Olympics Opening Ceremony Disrupted by Malware Attack

The Pyeongchang Winter Olympics taking place in South Korea was disrupted over the weekend following a malware attack before and during the opening ceremony on Friday.

The cyber attack coincided with 12 hours of downtime on the official website for th…

Winter Olympics cyberattacks meant to ‘send a message’

Security researchers say they’ve uncovered a set of hacking tools that were likely used to target and disrupt the Pyeongchang Winter Olympics over the weekend. On Friday, the official 2018 Winter Olympics website went down for several hours, causing a disruption to ticket sales and downloads during the opening ceremony. Localized Wi-Fi networks surrounding the games in South Korea also became temporarily unavailable in the preceding hours. Olympics officials confirmed on Sunday that a cyberattack had hit their systems, but provided few details about the incident. New research published Monday by multiple cybersecurity firms now suggests that a hacking group equipped with “destructive” wiper malware, dubbed “Olympic Destroyer,” may have been behind the disturbance. While various experts have already begun to assess the parties responsible for Olympic Destroyer — blaming nondescript hackers linked to either North Korea, China or Russia — the technical evidence to support such a conclusion is sparse. It’s notoriously difficult […]

The post Winter Olympics cyberattacks meant to ‘send a message’ appeared first on CyberScoop.
