Security News > 2022 > December > New CryWiper data wiper targets Russian courts, mayor’s offices
A previously undocumented data wiper named CryWiper is masquerading as ransomware, but in reality, destroys data beyond recovery in attacks against Russian mayor's offices and courts.
"In the fall of 2022, our solutions detected attempts by a previously unknown Trojan, which we named CryWiper, to attack an organization's network in the Russian Federation," explains the new report by Kaspersky.
As the code analysis reveals, the data-wiping function of CryWiper isn't a mistake but a purposeful tactic to destroy targets' data.
CryWiper will stop critical processes related to MySQL, MS SQL database servers, MS Exchange email servers, and MS Active Directory web services to free locked data for destruction.
Even though CryWiper is not ransomware in the typical sense, it can still cause severe data destruction and business interruption.
Kaspersky says CryWiper does not seem to be associated with any wiper families emerging in 2022, like DoubleZero, IsaacWiper, HermeticWiper, CaddyWiper, WhisperGate, AcidRain, and Industroyer2.