Wiper
CaddyWiper
First seen: 2022-03 • Status: inactive
Currently Inactive
CaddyWiper was yet another Russian wiper targeting Ukraine. It erases your data and makes your computer unbootable.
Overview
CaddyWiper was deployed against Ukrainian organizations during the Russian invasion. It destroys user data and partition information.
How It Spreads
- • Targeted deployment via GPO
What It Does
- • Destroys partition tables
- • Wipes files
- • Uses Group Policy deployment
Is your business exposed?
Target Platforms
Windows
Detection Tips
- • Monitor GPO changes
- • Watch for partition manipulation
MITRE ATT&CK Techniques
T1561, T1484
If You're Infected
- 1.
Data destruction is permanent
Related Malware
Is your business exposed?
Check if your company data is circulating on the dark web
Free scan • No credit card required