Executive Summary
A wiper known as BiBi-Linux was recently observed targeting entities in Israel. A pro-Hamas hacktivist group was behind the attacks.
Nov 10, 2023 12:18:01 PM / by The Hivemind posted in Threat Bulletin, Middle East, Wiper, Hacktivism, Palestine, Israel, Hamas, BiBi-Linux
Dec 15, 2022 1:04:25 PM / by PolySwarm Tech Team posted in Ukraine, Russia, Threat Bulletin, Wiper, 2022 Recap
Related Families: DoubleZero, IsaacWiper, HermeticWiper, CaddyWiper, WhisperGate, AcidRain, Industroyer2, Azov, CryWiper
Verticals Targeted: defense, government, judicial, telecommunications, energy, non-profit
Executive Summary
In 2022, we observed a significant increase in the number of wiper malware families active in the wild. The majority of this activity appears to be motivated by or conducted in conjunction with the ongoing kinetic warfare taking place between Russia and Ukraine. In this report, we focus on wipers that seem to be connected to the Russia-Ukraine conflict.
Key Takeaways
Apr 15, 2022 1:06:29 PM / by PolySwarm Tech Team posted in Ukraine, Russia, Threat Bulletin, Wiper, Critical Infrastructure, Industroyer2, Sandworm, Voodoobear
Background
ESET recently reported on Industroyer2, a multi-component ICS malware used to target a Ukrainian energy company.
Apr 7, 2022 3:31:14 PM / by PolySwarm Tech Team posted in Threat Bulletin, Wiper, AcidRain, Viasat
Background
SentinelOne recently published research on AcidRain, a wiper malware used in an attack on Viasat KA-SAT in Ukraine.
What is AcidRain Wiper?
Mar 21, 2022 1:45:31 PM / by PolySwarm Tech Team posted in Ukraine, Threat Bulletin, Wiper, CaddyWiper
Background
Since January, Ukraine has been targeted by several wiper malware families. In early February, we reported on the WhisperGate wiper. Earlier this month, we spotlighted HermeticWiper and IsaacWiper. Ukraine was recently attacked by yet another wiper. ESET announced the discovery of CaddyWiper on March 14th in a tweet. Cisco Talos followed up a day later with more information on this malware.
Feb 25, 2022 2:37:21 PM / by PolySwarm Tech Team posted in Ukraine, Russia, Threat Bulletin, Financial, Wiper, Malware, DDoS, Katana, Government, Defense
PolySwarm Threat Bulletin
THIS THREAT BULLETIN IS PROVIDED FOR SITUATIONAL AWARENESS
Background
PolySwarm recently released several publications and blog posts discussing Russia-Ukraine tensions and the potential for both kinetic and cyber conflict: