The Hacker News Logo
Subscribe to Newsletter

The Hacker News - Cybersecurity News and Analysis: disk wiping malware

ZeroCleare: New Iranian Data Wiper Malware Targeting Energy Sector

ZeroCleare: New Iranian Data Wiper Malware Targeting Energy Sector

December 05, 2019Swati Khandelwal
Cybersecurity researchers have uncovered a new, previously undiscovered destructive data-wiping malware that is being used by state-sponsored hackers in the wild to target energy and industrial organizations in the Middle East. Dubbed ZeroCleare , the data wiper malware has been linked to not one but two Iranian state-sponsored hacking groups— APT34 , also known as ITG13 and Oilrig, and Hive0081 , also known as xHunt. A team of researchers at IBM who discovered the ZeroCleare malware says that the new wiper malware shares some high-level similarities with the infamous Shamoon, one of the most destructive malware families known for damaging 30,000 computers at Saudi Arabia's largest oil producer in 2012. Just like the Shamoon wiper malware , ZeroCleare also uses a legitimate hard disk driver called 'RawDisk by ElDos' to overwrite the master boot record (MBR) and disk partitions of targeted computers running the Windows operating system. Though EldoS driver is not s
StoneDrill Disk Wiping Malware Found Targeting European Industries

StoneDrill Disk Wiping Malware Found Targeting European Industries

March 07, 2017Mohit Kumar
A new disk wiping malware has been uncovered targeting a petroleum company in Europe, which is quite similar to the mysterious disk wiper malware Shamoon that wiped data from 35,000 computers at Saudi Arabia's national oil company in 2012. Disk wiping malware has the ability to cripple any organization by permanently wiping out data from all hard drive and external storage on a targeted machine, causing great financial and reputational damage. Security researchers from Moscow-based antivirus provider Kaspersky Lab discovered the new wiper StoneDrill while researching last November's re-emergence of Shamoon malware (Shamoon 2.0) attacks – two attacks occurred in November and one in late January. Shamoon 2.0 is the more advanced version of Shamoon malware that reportedly hit 15 government agencies and organizations across the world, wipes data and takes control of the computer's boot record, preventing the computers from being turned back on. Meanwhile, Kaspersky resea
Online Courses and Software

Sign up for cybersecurity newsletter and get latest news updates delivered straight to your inbox daily.