SYMBOLCOMMON_NAMEaka. SYNONYMS
elf.acidrain (Back to overview)

AcidRain

A MIPS ELF binary with wiper functionality used against Viasat KA-SAT modems.

References
2022-10-24Youtube (Virus Bulletin)Alexander Adamov
@online{adamov:20221024:russian:97d3e2a, author = {Alexander Adamov}, title = {{Russian wipers in the cyberwar against Ukraine}}, date = {2022-10-24}, organization = {Youtube (Virus Bulletin)}, url = {https://www.youtube.com/watch?v=mrTdSdMMgnk}, language = {English}, urldate = {2023-03-20} } Russian wipers in the cyberwar against Ukraine
AcidRain CaddyWiper DesertBlade DoubleZero EternalPetya HermeticWiper HermeticWizard INDUSTROYER2 IsaacWiper KillDisk PartyTicket WhisperGate
2022-08-18TrustwavePawel Knapczyk
@online{knapczyk:20220818:overview:bf3eca2, author = {Pawel Knapczyk}, title = {{Overview of the Cyber Weapons Used in the Ukraine - Russia War}}, date = {2022-08-18}, organization = {Trustwave}, url = {https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/overview-of-the-cyber-weapons-used-in-the-ukraine-russia-war/}, language = {English}, urldate = {2022-08-28} } Overview of the Cyber Weapons Used in the Ukraine - Russia War
AcidRain CaddyWiper Cobalt Strike CredoMap DCRat DoubleZero GraphSteel GrimPlant HermeticWiper INDUSTROYER2 InvisiMole IsaacWiper PartyTicket
2022-08-18TrustwavePawel Knapczyk
@online{knapczyk:20220818:overview:a12950c, author = {Pawel Knapczyk}, title = {{Overview of the Cyber Weapons Used in the Ukraine - Russia War}}, date = {2022-08-18}, organization = {Trustwave}, url = {https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/overview-of-the-cyber-weapons-used-in-the-ukraine-russia-war}, language = {English}, urldate = {2022-08-22} } Overview of the Cyber Weapons Used in the Ukraine - Russia War
AcidRain CaddyWiper Cobalt Strike CredoMap DCRat DoubleZero GraphSteel GrimPlant HermeticWiper INDUSTROYER2 InvisiMole IsaacWiper PartyTicket
2022-05-19splunkSplunk Threat Research Team
@online{team:20220519:threat:63b1c42, author = {Splunk Threat Research Team}, title = {{Threat Update: AcidRain Wiper}}, date = {2022-05-19}, organization = {splunk}, url = {https://www.splunk.com/en_us/blog/security/threat-update-acidrain-wiper.html}, language = {English}, urldate = {2022-05-29} } Threat Update: AcidRain Wiper
AcidRain
2022-05-02AT&TFernando Martinez
@online{martinez:20220502:analysis:e5d626b, author = {Fernando Martinez}, title = {{Analysis on recent wiper attacks: examples and how wiper malware works}}, date = {2022-05-02}, organization = {AT&T}, url = {https://cybersecurity.att.com/blogs/labs-research/analysis-on-recent-wiper-attacks-examples-and-how-they-wiper-malware-works}, language = {English}, urldate = {2022-05-04} } Analysis on recent wiper attacks: examples and how wiper malware works
AcidRain CaddyWiper DoubleZero HermeticWiper INDUSTROYER2 IsaacWiper
2022-04-28FortinetGergely Revay
@online{revay:20220428:overview:0ac963f, author = {Gergely Revay}, title = {{An Overview of the Increasing Wiper Malware Threat}}, date = {2022-04-28}, organization = {Fortinet}, url = {https://www.fortinet.com/blog/threat-research/the-increasing-wiper-malware-threat}, language = {English}, urldate = {2022-04-29} } An Overview of the Increasing Wiper Malware Threat
AcidRain CaddyWiper DistTrack DoubleZero EternalPetya HermeticWiper IsaacWiper Olympic Destroyer Ordinypt WhisperGate ZeroCleare
2022-04-15splunkSplunk Threat Research Team
@online{team:20220415:strtta03:9292c09, author = {Splunk Threat Research Team}, title = {{STRT-TA03 CPE - Destructive Software}}, date = {2022-04-15}, organization = {splunk}, url = {https://www.splunk.com/en_us/blog/security/strt-ta03-cpe-destructive-software.html}, language = {English}, urldate = {2022-04-29} } STRT-TA03 CPE - Destructive Software
AcidRain CyclopsBlink
2022-04-04Cyber Security NewsGurubaran
@online{gurubaran:20220404:acidrain:e53d7e4, author = {Gurubaran}, title = {{AcidRain Wiper Malware hit Routers and Modems, Haults Communication}}, date = {2022-04-04}, organization = {Cyber Security News}, url = {https://cybersecuritynews.com/acidrain-wiper-malware/}, language = {English}, urldate = {2022-04-07} } AcidRain Wiper Malware hit Routers and Modems, Haults Communication
AcidRain
2022-03-31Sentinel LABSJuan Andrés Guerrero-Saade
@online{guerrerosaade:20220331:acidrain:723eb80, author = {Juan Andrés Guerrero-Saade}, title = {{AcidRain | A Modem Wiper Rains Down on Europe}}, date = {2022-03-31}, organization = {Sentinel LABS}, url = {https://www.sentinelone.com/labs/acidrain-a-modem-wiper-rains-down-on-europe/}, language = {English}, urldate = {2022-03-31} } AcidRain | A Modem Wiper Rains Down on Europe
AcidRain VPNFilter
2022-03-31Bleeping ComputerSergiu Gatlan
@online{gatlan:20220331:viasat:bdb9f30, author = {Sergiu Gatlan}, title = {{Viasat confirms satellite modems were wiped with AcidRain malware}}, date = {2022-03-31}, organization = {Bleeping Computer}, url = {https://www.bleepingcomputer.com/news/security/viasat-confirms-satellite-modems-were-wiped-with-acidrain-malware/}, language = {English}, urldate = {2022-04-04} } Viasat confirms satellite modems were wiped with AcidRain malware
AcidRain
2022-03-31reversemodeRuben Santamarta
@online{santamarta:20220331:viasat:49e5dce, author = {Ruben Santamarta}, title = {{VIASAT incident: from speculation to technical details.}}, date = {2022-03-31}, organization = {reversemode}, url = {https://www.reversemode.com/2022/03/viasat-incident-from-speculation-to.html}, language = {English}, urldate = {2022-04-05} } VIASAT incident: from speculation to technical details.
AcidRain
2020-03-31Tech TimesIsaiah Richard
@online{richard:20200331:viasat:9038227, author = {Isaiah Richard}, title = {{Viasat Hit with Russia’s Wiper Malware called ‘AcidRain,’ Affecting European Services}}, date = {2020-03-31}, organization = {Tech Times}, url = {https://www.techtimes.com/articles/273755/20220331/viasat-hit-russia-s-wiper-malware-called-acidrain-affecting-european.htm}, language = {English}, urldate = {2022-04-05} } Viasat Hit with Russia’s Wiper Malware called ‘AcidRain,’ Affecting European Services
AcidRain

There is no Yara-Signature yet.