Summary:Dangerous Windows Backdoor Bundles Wipers and Ransomware in One Threat Microsoft says GigaWiper com
referrerpolicy="no-referrer"
style="max-width:100%;height:auto;display:block;margin:0 auto;">
Dangerous Windows Backdoor Bundles Wipers and Ransomware in One Threat
Microsoft says GigaWiper combines at least 3 malware families into one modular tool
**Introduction**
Security researchers at Microsoft have uncovered a new Windows‑based threat dubbed GigaWiper that fuses the capabilities of a backdoor, a data‑wiper, and ransomware into a single modular payload. The discovery, announced in Microsoft’s latest threat intelligence brief, highlights how adversaries are consolidating disparate attack techniques to increase impact while reducing the footprint of their toolkits. GigaWiper targets enterprise environments running Windows 10 and 11, exploiting known vulnerabilities in remote desktop services and unpatched SMB shares to gain initial foothold. Once inside, the malware can exfiltrate credentials, encrypt files for ransom, and, if the attacker chooses, trigger a destructive wipe that renders systems unusable.
**Key Developments**
Microsoft’s analysis reveals that GigaWiper is built from three distinct malware families: a credential‑stealing backdoor similar to the notorious Cobalt Strike beacons, a ransomware module that employs AES‑256 encryption with a unique key per victim, and a wiper component that overwrites the master boot record and critical system files. The modular architecture allows threat actors to enable or disable each function via a simple configuration file, tailoring the attack to the victim’s perceived value or the attacker’s current objectives. Telemetry shows the malware has been observed in limited campaigns targeting financial institutions in Europe and healthcare providers in North America, with infection vectors primarily consisting of phishing emails containing malicious Office documents that exploit CVE‑2023‑36884.
**Industry Analysis**
The emergence of GigaWiper underscores a growing trend toward “all‑in