Microsoft Dissects GigaWiper: A Windows Backdoor That Combines Three Destructive Tools
By
Mr Bagel
Microsoft has taken apart a new Windows backdoor it calls GigaWiper, a threat that can wipe entire disks, overwrite system drives, or deploy fake ransomware, according to a report from The Cybersecurity News.
"What stands out is how it is built: not one tool but three older destructive programs bolted into one, offered as commands the operator can choose from."
The backdoor's architecture allows attackers to select each destructive function as a separate command. The Cybersecurity News reported that GigaWiper bundles three distinct malicious capabilities: a full disk wiper, a tool that overwrites the Windows drive specifically, and a fake ransomware module.
"Or run fake 'ransomware' that scrambles files with a key it never saves."
This fake ransomware element is notable because it permanently encrypts files without any intention of decryption, making it purely destructive. The Cybersecurity News noted that each component is based on older, independently developed threats, now merged into a single backdoor package.
The modular design gives operators flexibility in how they wreck a compromised machine. By combining existing malware strains under one interface, GigaWiper represents a troubling evolution in attack tooling, as reported by both outlets.
The reporting
3 outlets covered this story. Each links to the original.
Baker's Take
Comments
Sign in to join the conversation.
No comments yet. Be the first.