Skip to content
  • Home
  • Cyber Map
  • About Us – Contact
  • Disclaimer
  • Terms and Rules
  • Privacy Policy
Cyber Web Spider Blog – News

Cyber Web Spider Blog – News

Globe Threat Map provides a real-time, interactive 3D visualization of global cyber threats. Monitor DDoS attacks, malware, and hacking attempts with geo-located arcs on a rotating globe. Stay informed with live logs and archive stats.

  • Home
  • Cyber Map
  • Cyber Security News
  • Security Week News
  • The Hacker News
  • How To?
  • Toggle search form
Sophisticated GigaWiper Malware Threatens System Security

Sophisticated GigaWiper Malware Threatens System Security

Posted on July 10, 2026 By CWS

For the past eight months, a complex cyber threat known as GigaWiper has been targeting systems with its advanced backdoor and wiper functionalities, according to a recent report by Microsoft. This malware is recognized for its ability to perform extensive system-level sabotage.

Understanding GigaWiper’s Sophisticated Design

GigaWiper is designed as a Go-based backdoor, incorporating multiple malware families and exhibiting strong command-and-control (C&C) capabilities. This modular design allows attackers to execute various commands, including a standalone wiper, a ransomware-like encryption command, and multiple wiping operations.

Microsoft highlights that the integration of destructive capabilities into GigaWiper’s backdoor represents a significant evolution in wiper malware. Traditionally, such malware is exclusively destructive, but GigaWiper also holds extortive potential, increasing its real-world impact.

Technical Operations and System Impact

First detected in October 2025, GigaWiper operates at a low level, engaging with the physical disk. It uses Windows Management Instrumentation (WMI) to identify and erase partitions on non-Windows drives, followed by a system reboot. The backdoor component replicates these wiping functions while maintaining system persistence and C&C communication via RabbitMQ and Redis.

Upon receiving commands, the malware can trigger the wiper, initiate a Blue Screen of Death (BSOD), upload files remotely, execute programs, and perform various system manipulations. Notably, it supports two file-encryption commands: one permanently destructive and another allowing bulk encryption and decryption.

Origins and Connections to Other Threats

GigaWiper appears to be the creation of the developer behind Crucio ransomware, owing to similarities in encryption code. Additionally, it shares features with FlockWiper, noted for its identical wiping function, transitioned into Go in mid-2025.

This malware’s backdoor is a powerful tool in the hands of threat actors, providing them with the ability to manage processes, registry settings, and services remotely, while also facilitating the clearing of Windows logs. The integration of older, distinct malware functionalities into GigaWiper enhances its destructive potential.

Microsoft’s analysis underscores GigaWiper’s dual capacity for both covert espionage and overt destruction, granting attackers significant operational flexibility over compromised systems.

Future Implications and Security Measures

The emergence of GigaWiper underscores the evolving threat landscape and the need for robust cybersecurity measures. Organizations must enhance their defenses against such sophisticated threats, ensuring comprehensive protection and quick response capabilities.

As cyber threats like GigaWiper continue to develop, vigilance and advanced security protocols remain crucial. Ongoing monitoring and swift adaptation to new threats can help mitigate the risks posed by such potent malware.

Security Week News Tags:Backdoor, C&C, cyber threat, Cybersecurity, data security, disk wiping, Encryption, GigaWiper, Go-based malware, Malware, Microsoft, Persistence, Ransomware, system sabotage, Wiper

Post navigation

Previous Post: Crypto Wallet Flaw ‘Ill Bloom’ Leads to $3.1 Million Theft
Next Post: Dormant GitHub Accounts Exploited for Source Code Recon

Related Posts

Andrei Tarasov: Inside the Journey of a Russian Hacker on the FBI’s Most Wanted List Andrei Tarasov: Inside the Journey of a Russian Hacker on the FBI’s Most Wanted List Security Week News
Cyber Insurance Enhances CISO Budget Negotiations Cyber Insurance Enhances CISO Budget Negotiations Security Week News
Millions of Eurail User Records at Risk After Data Breach Millions of Eurail User Records at Risk After Data Breach Security Week News
MokN Raises  Million for Phish-Back Solution MokN Raises $3 Million for Phish-Back Solution Security Week News
Extortion Group Leaks Millions of Records From Salesforce Hacks Extortion Group Leaks Millions of Records From Salesforce Hacks Security Week News
CISA Analyzes Malware From Ivanti EPMM Intrusions CISA Analyzes Malware From Ivanti EPMM Intrusions Security Week News

Categories

  • Cyber Security News
  • How To?
  • Security Week News
  • The Hacker News

Recent Posts

  • Critical GNU Guix Vulnerabilities Permit Remote Attacks
  • DHS Database Breach and Adobe’s Security Enhancements
  • WhatsApp-to-Host Attack via OpenClaw Flaws Detailed
  • Windows Shortcuts Exploit PowerShell for Remote Attacks
  • Okta Alerts on Vishing Threat to Microsoft 365 Users

Pages

  • About Us – Contact
  • Disclaimer
  • Privacy Policy
  • Terms and Rules

Archives

  • July 2026
  • June 2026
  • May 2026
  • April 2026
  • March 2026
  • February 2026
  • January 2026
  • December 2025
  • November 2025
  • October 2025
  • September 2025
  • August 2025
  • July 2025
  • June 2025
  • May 2025

Recent Posts

  • Critical GNU Guix Vulnerabilities Permit Remote Attacks
  • DHS Database Breach and Adobe’s Security Enhancements
  • WhatsApp-to-Host Attack via OpenClaw Flaws Detailed
  • Windows Shortcuts Exploit PowerShell for Remote Attacks
  • Okta Alerts on Vishing Threat to Microsoft 365 Users

Pages

  • About Us – Contact
  • Disclaimer
  • Privacy Policy
  • Terms and Rules

Categories

  • Cyber Security News
  • How To?
  • Security Week News
  • The Hacker News

Copyright © 2026 Cyber Web Spider Blog – News.

Powered by PressBook Masonry Dark