GigaWiper: Anatomy of a destructive backdoor assembled from multiple malware


In October 2025, Microsoft Threat Intelligence identified destructive wiping activity and uncovered a sophisticated Go programming language (Golang)-based backdoor we now track as GigaWiper, a versatile implant that combines robust command-and-control (C2) capabilities with multiple destructive payloads, including disk wiping, fake ransomware, and system-level sabotage.

GigaWiper is particularly notable for its makeup. It’s not a single, purpose-built tool, but an amalgamation of separate malware families that were folded into GigaWiper as on-demand backdoor commands, giving threat actors the flexibility to choose their mode of destruction.

Read more…
Source:  Microsoft


Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox


Related:

  • Shadowbyt3$ claims Nintendo of America breach, stealing ~1GB of employee data from TinyPulse survey platform and demanding $2M ransom

    June 20, 2026

    Nintendo of America has confirmed suffering a third-party data breach incident, but played down its severity. An “extortion-as-a-service” hacking group called Shadowbyt3$ recently claimed to have breached Nintendo of America, a subsidiary of the Japanese gaming giant, operating in the United States, Canada, and some Latin America countries, and exfiltrated sensitive data on its employees. Read more… Source:  ...

  • Apple users told to watch out for ‘unpatchable’ iPhone security issues – here’s what we know

    June 19, 2026

    Security researchers Paradigm Shift have discovered a vulnerability in older iPhone and Apple Watch models which can be used to jailbreak the devices. What makes this vulnerability special is the fact that there is no fix for it – the only way to really be secure is to replace the device with a newer model. The good news is that ...

  • Microsoft working on a fix for RoguePlanet, a flaw that grants full PC control

    June 18, 2026

    A publicly available exploit called RoguePlanet can give attackers the highest level of access on Windows systems. Microsoft has confirmed the vulnerability and says it’s working on a security update. RoguePlanet is tracked under CVE-2026-50656, where it’s described as a Microsoft Defender Elevation of Privilege (EoP) vulnerability. Read more… Source:  MalwareBytes Labs Sign up for the Cyber Security Review Newsletter The latest cyber ...

  • Kodak confirms breach as ShinyHunters’ leak threat reaches deadline

    June 18, 2026

    The Eastman Kodak Company (Kodak) confirmed to BleepingComputer that it is investigating a security breach after the ShinyHunters extortion group claimed responsibility for the incident. Kodak is the latest organization to land on the group’s leak site. ShinyHunters claims it stole more than 2.2 million records and threatened to publish the data unless the company responded by June ...

  • Cyber Criminals Redirecting Users to Fraudulent Websites with Malicious Traffic Distribution Systems

    June 18, 2026

    The Federal Bureau of Investigation (FBI) is publishing this Public Service Announcement (PSA) to warn the public of cyber criminal use of traffic distribution systems (TDSs) to gain access to victim networks for ransomware or other financial scams. TDS is a technology used to route internet traffic visitors to different destinations after users visit webpages, click advertisement ...

  • Cybercriminals allegedly hacked tens of thousands of Fortinet firewalls used by major companies all over the world

    June 17, 2026

    Cybercriminals have compromised tens of thousands of Fortinet firewalls and VPNs used by major companies all over the world, according to two cybersecurity firms. The widespread hacking campaign, which is ongoing and has been dubbed FortiBleed, appears to not involve abusing any unknown vulnerability in the targeted devices, but rather on a more basic issue: Companies ...