GigaWiper
Coverage of GigaWiper in the Nexus archive.
- Destructive Windows backdoor stuffs multiple wipers and ransomware code into a single package
A new Windows backdoor named GigaWiper combines ransomware encryption with multiple data-wiping features, enabling attackers to destroy systems or encrypt files irreversibly. Microsoft identified the Golang-based malware, which includes commands for disk overwriting, system shutdown, and file exfiltration using tools like MinIO Client, alongside C2 communication via RabbitMQ and Redis.
- This new Windows malware can take over your PC and wipe it clean
Microsoft identified GigaWiper, a modular Windows backdoor combining remote access and data destruction capabilities, which integrates components from Crucio ransomware and FlockWiper. The malware allows espionage features like screen capture and remote control, alongside destructive commands to irreversibly wipe systems, with C2 servers detected and blocked by Malwarebytes.