Data Wiper
Anubis ransomware adds wiper to destroy files beyond recovery
The Anubis ransomware-as-a-service (RaaS) operation has added to its file-encryptimg malware a wiper module that destroys targeted files, making recovery impossible even if the ransom is paid. Anubis (not to be confused with the same-name Android malware with a ransomware module) is a relatively new RaaS first observed in December 2024 but became more active at the beginning of the year. On February […]
Malicious npm packages posing as utilities delete project directories
Two malicious packages have been discovered in the npm JavaScript package index, which masquerades as useful utilities but, in reality, are destructive data wipers that delete entire application directories. The data wiper packages are ‘express-api-sync’ and ‘system-health-sync-api,’ and pose as database syncing and system health monitoring Ttools. According to open-source software security firm Socket, they […]
New PathWiper data wiper malware hits critical infrastructure in Ukraine
A new data wiper malware named ‘PathWiper’ is being used in targeted attacks against critical infrastructure in Ukraine, aimed at disrupting operations in the country. The payload was deployed through a legitimate endpoint administration tool, indicating that attackers had achieved administrative access to the system through a prior compromise. Cisco Talos researchers who discovered the attack attributed […]
Dozens of malicious packages on NPM collect host and network data
60 packages have been discovered in the NPM index that attempt to collect sensitive host and network data and send it to a Discord webhook controlled by the threat actor. According to Socket’s Threat Research team, the packages were uploaded to the NPM repository starting May 12 from three publisher accounts. Each of the malicious packages contains […]
Linux wiper malware hidden in malicious Go modules on GitHub
A supply-chain attack targets Linux servers with disk-wiping malware hidden in Golang modules published on GitHub. The campaign was detected last month and relied on three malicious Go modules that included “highly obfuscated code” for retrieving remote payloads and executing them. Complete disk destruction The attack appears designed specifically for Linux-based servers and developer environments, […]
Hacker wipes 13,000 devices after breaching classroom management platform
A hacker has breached Mobile Guardian, a digital classroom management platform used worldwide, and remotely wiped data from at least 13,000 student’s iPads and Chromebooks. Mobile Guardian, a ‘Google for Education’ partner, is a cross-platform (Android, Windows, iOS, ChromeOS, macOS) one-on-one solution for K-12 schools that offers a complete suite of device management, parental monitoring and […]
New Android malware wipes your device after draining bank accounts
A new Android malware that researchers call ‘BingoMod’ can wipe devices after successfully stealing money from the victims’ bank accounts using the on-device fraud technique. Promoted through text messages, the malware poses as a legitimate mobile security tool and can steal up to 15,000 EUR per transaction. According to researchers analyzing it, BingoMod is currently under […]