SwiftSlicer (Malware Family)

SYMBOL	COMMON_NAME	aka. SYNONYMS

win.swiftslicer (Back to overview)

SwiftSlicer

aka: JaguarBlade

Actor(s): Sandworm

According to ESET, this is a wiper written in Go, that was deployed against an Ukrainian organization on January 25th 2023 through Group Policy, which suggests that the attackers had taken control of the victim’s Active Directory environment.

References

2023-03-15 ⋅ Microsoft ⋅ Microsoft Threat Intelligence
A year of Russian hybrid warfare in Ukraine
CaddyWiper DesertBlade DoubleZero HermeticWiper INDUSTROYER2 IsaacWiper PartyTicket SwiftSlicer WhisperGate

2023-01-27 ⋅ ESET Research ⋅ ESET Research
Tweets on SwiftSlicer
SwiftSlicer

2023-01-27 ⋅ ESET Research ⋅ ESET Research
SwiftSlicer: New destructive wiper malware strikes Ukraine
SwiftSlicer

There is no Yara-Signature yet.

SwiftSlicer Propose Change

References

SwiftSlicer