Security News > 2022 > December > New CryWiper malware wipes data in attack against Russian org

New CryWiper malware wipes data in attack against Russian org
2022-12-02 17:29

A previously undocumented data wiper named CryWiper is masquerading as ransomware, extorting victims to pay for a decrypter, but in reality, it just destroys data beyond recovery.

CryWiper was first discovered by Kaspersky this fall, seen in attacks against organizations in the Russian Federation.

"In the fall of 2022, our solutions detected attempts by a previously unknown Trojan, which we named CryWiper, to attack an organization's network in the Russian Federation," explains the new report by Kaspersky.

As the code analysis reveals, the data-wiping function of CryWiper isn't a mistake but a purposeful tactic to destroy targets' data.

CryWiper will stop critical processes related to MySQL, MS SQL database servers, MS Exchange email servers, and MS Active Directory web services to free locked data for destruction.

Even though CryWiper is not ransomware in the typical sense, it can still cause severe data destruction and business interruption.


News URL

https://www.bleepingcomputer.com/news/security/new-crywiper-malware-wipes-data-in-attack-against-russian-org/