Iran-Backed Hackers Claim Wiper Attack on Medtech Firm Stryker

A hacktivist group with links to Iran's intelligence agencies is claiming responsibility for a data-wiping attack against Stryker , a global medical technology company based in Michigan. News reports out of Ireland, Stryker's largest hub outside of the United States, said the company sent home mo...

New Android Banking Trojan BingoMod Steals Money, Wipes Devices

Cybersecurity researchers have uncovered a new Android remote access trojan RAT called BingoMod that not only performs fraudulent money transfers from the compromised devices but also wipes them in an attempt to erase traces of the malware. Italian cybersecurity firm Cleafy, which discovered the...

DEBIAN-CVE-2024-42156

In the Linux kernel, the following vulnerability has been resolved: s390/pkey: Wipe copies of clear-key structures on failure Wipe all sensitive data from stack for all IOCTLs, which convert a clear-key into a protected- or secure-key...

Suspected Russian Data-Wiping 'AcidPour' Malware Targeting Linux x86 Devices

A new variant of a data wiping malware called AcidRain has been detected in the wild that's specifically designed for targeting Linux x86 devices. The malware, dubbed AcidPour, is compiled for Linux x86 devices, SentinelOne's Juan Andres Guerrero-Saade said in a series of posts on X. "The new...

Russian Hackers Sandworm Cause Power Outage in Ukraine Amidst Missile Strikes

The notorious Russian hackers known as Sandworm targeted an electrical substation in Ukraine last year, causing a brief power outage in October 2022. The findings come from Google's Mandiant, which described the hack as a "multi-event cyber attack" leveraging a novel technique for impacting...

Re-Victimization from Police-Auctioned Cell Phones

Countless smartphones seized in arrests and searches by police forces across the United States are being auctioned online without first having the data on them erased, a practice that can lead to crime victims being re-victimized, a new study found. In response, the largest online marketplace for...

Researchers Demonstrate How EDR and Antivirus Can Be Weaponized Against Users

High-severity security vulnerabilities have been disclosed in different endpoint detection and response EDR and antivirus AV products that could be exploited to turn them into data wipers. "This wiper runs with the permissions of an unprivileged user yet has the ability to wipe almost any file on...

Iranian Hackers Strike Diamond Industry with Data-Wiping Malware in Supply-Chain Attack

An Iranian advanced persistent threat APT actor known as Agrius has been attributed as behind a set of data wiper attacks aimed at diamond industries in South Africa, Israel, and Hong Kong. The wiper, referred to as Fantasy by ESET, is believed to have been delivered via a supply-chain attack...

New Azov Ransomware can wipe 666 bytes data at a stretch

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary The new Azov Ransomware can wipe 666 bytes of data at a time. The Azov wiper destroys victims data on purpose and infects other applications by dropping a fake pirated software...

Ukraine Secret Service Arrests Hacker Helping Russian Invaders

The Security Service of Ukraine SBU said it has detained a "hacker" who offered technical assistance to the invading Russian troops by providing mobile communication services inside the Ukrainian territory. The anonymous suspect is said to have broadcasted text messages to Ukrainian officials,...

Another Destructive Wiper Targets Organizations in Ukraine

Researchers have discovered yet another destructive data-wiping malware targeting organizations in Ukraine, the third to be found in as many weeks attacking systems in the country that’s currently defending itself against a Russian physical invasion. A team from cybersecurity firm ESET on Monday...

Destructive data wipers and worms targeting Ukrainian organizations

THREAT LEVEL: Red. For a detailed advisory, download the pdf file here Cybersecurity & Infrastructure Security Agency CISA and the Federal Bureau of Investigation FBI have jointly released an advisory and warned of an ongoing cyber attack using destructive malware targeting organizations in Ukrai...

New iLOBleed Rootkit Targeting HP Enterprise Servers with Data Wiping Attacks

A previously unknown rootkit has been found setting its sights on Hewlett-Packard Enterprise's Integrated Lights-Out iLO server management technology to carry out in-the-wild attacks that tamper with the firmware modules and completely wipe data off the infected systems. The discovery, which is t...

HEH P2P Botnet Sports Dangerous Wiper Function

A freshly discovered botnet dubbed HEH by researchers is casting a wide net, looking to infect any and all devices that use Telnet on ports 23/2323. It’s particularly destructive: It contains code that wipes all data from infected systems. Perhaps ironically, its operators also have a penchant fo...

Samsung Quietly Fixes Critical Galaxy Flaws Allowing Spying, Data Wiping

Researchers have disclosed a slew of critical-severity, patched flaws in flagship Samsung smartphones – including the Galaxy S7, S8 and S9 models. The vulnerabilities specifically stem from Samsung’s “Find My Mobile” service, a feature built into the smartphones allowing users to locate their...

WordPress Database Reset Plugin <= 3.1 Multiple Vulnerabilities

The WordPress plugin SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.113630";...

CB TAU Threat Intelligence Notification: GermanWiper Ransomware

GermanWiper Ransomware was found distributed via spam email campaign in Germany. It’s a data-wiping malware and the ransom note was written in German language. The malware pretends to be ransomware but is actually a wiper that destroys the data instead of encrypting it. Figure 1: Screenshot of th...

Shamoon Reappears, Poised for a New Wiper Attack

A new version of the Shamoon data-wiping malware has emerged, marking the third time the destructive virus has been seen in the wild – and researchers believe a new campaign may be imminent. First spotted in 2012 in the attack on Saudi Aramco, Shamoon has the ability to destroy files on infected...

A week in security (September 17 – 23)

Last week, we took a look at a low level spam campaign on Twitter, explored the signs of falling victim to phishing, and examined a massive WordPress compromise. We also explained some SASL vulnerabilities and covered a breaking Emotet spam campaign. Other cybersecurity news: NewEgg attacked by...

World Backup Day is as good as any to back up your data

In today’s security landscape, there are more threats to data than ever before. Beyond corruption caused by hardware or human failure, malware and cyberattacks can put data in serious danger. That’s why it’s imperative for enterprises, small-and-medium businesses, and individuals to back up data...