SYMBOLCOMMON_NAMEaka. SYNONYMS
win.swiftslicer (Back to overview)

SwiftSlicer

aka: JaguarBlade

Actor(s): Sandworm

According to ESET, this is a wiper written in Go, that was deployed against an Ukrainian organization on January 25th 2023 through Group Policy, which suggests that the attackers had taken control of the victim’s Active Directory environment.

References
2023-03-15MicrosoftMicrosoft Threat Intelligence
A year of Russian hybrid warfare in Ukraine
CaddyWiper DesertBlade DoubleZero HermeticWiper INDUSTROYER2 IsaacWiper PartyTicket SwiftSlicer WhisperGate
2023-01-27ESET ResearchESET Research
SwiftSlicer: New destructive wiper malware strikes Ukraine
SwiftSlicer
2023-01-27ESET ResearchESET Research
Tweets on SwiftSlicer
SwiftSlicer

There is no Yara-Signature yet.