Microsoft discovers new ‘GigaWiper’ multi-malware package capable of deploying cleaners and ransomware



  • Microsoft warns about “GigaWiper,” a destructive malware attributed to the Iranian group CyberAv3ngers that combines multiple variants into one
  • It can wipe drives, encrypt files with a fake ransomware extension, or overwrite Windows partitions, while also spying on screenshots, VNC sessions, and stealing system data.
  • The malware hides under fake OneDrive registry keys and tasks, exhibiting spying and sabotage capabilities without a recovery path for victims’ data.

Microsoft is warning about a new piece of malware called GigaWiper, which can spy on people’s computers and then completely destroy them, in different ways.

It was created by combining different malware variants into one, and appears to be the work of Iranian state-sponsored threat actors called CyberAv3ngers. The hackers also made a small blatant attack on Microsoft, through the malware’s obfuscation mechanism.

Leave a Comment

Your email address will not be published. Required fields are marked *