Wiper
WhisperGate
First seen: 2022-01 • Status: inactive
Currently Inactive
WhisperGate looked like ransomware but was really a Russian weapon to destroy Ukrainian government computers before the invasion.
Overview
WhisperGate preceded the Russian invasion of Ukraine by a month. It disguised itself as ransomware but was actually a destructive wiper.
How It Spreads
- • Supply chain compromise
- • Targeted attacks
What It Does
- • Corrupts MBR
- • Overwrites files
- • Fake ransomware note
Is your business exposed?
Target Platforms
Windows
Detection Tips
- • Watch for MBR corruption
- • Analyze ransomware for destructive behavior
MITRE ATT&CK Techniques
T1561, T1486
If You're Infected
- 1.
Data cannot be recovered - destructive wiper
Related Malware
Is your business exposed?
Check if your company data is circulating on the dark web
Free scan • No credit card required