Wiper Malware Extensively Targets Ukraine and Other Countries

Diving into details

• The first six months of 2022 witnessed seven new wiper variants that were used in campaigns against private, government, and military organizations.
• Wiper malware attacks were detected in 24 nations, besides Ukraine. 
• Among these, disk wiping malware has become unstoppable as they are used to target critical infrastructure.
• These malware use techniques such as overwriting and encrypting files, overwriting MBR, and third-party tooling, among others, to destroy the victims’ data.

Why this matters

• Financial gain is one of the motivators behind the widespread deployment of wipers, although a less significant one. There are wipers that pretend to be ransomware and ask for ransom but don’t possess any capability to recover data. 
• Cyberespionage is another driver as when only data is destroyed without any other consequences, it leads to one conclusion. A wiper is deployed once the attackers pilfer the information they need.
• Lately, wipers have been used for cyberwarfare. These malware strains include WhisperGate, WhisperKill, HermeticWiper, CaddyWiper, IsaacWiper, AcidRain, and DoubleZero.

The bottom line