Definition
HermeticWiper is a disk-wiping malware that specifically affects Windows devices by destroying files, distressing physical drives, and corrupting the master boot record (MBR).
The intelligence community in Ukraine first detected it in February 2022 when they observed a new malware sample in Ukrainian organizations.
How Hermeticwiper Works
- System infiltration: The malware gets into your system by exploiting vulnerabilities such as unpatched software applications or operating systems or via malicious emails.
- Execution: Once inside, HermeticWiper launches its malicious code and creates a foothold to advance the data-wiping process.
- Files overwrite or deletion: The malware overwrites or deletes your files and system data used to run the operating system and installed programs. This makes it very difficult to restore deleted files without considerable help from professionals.
- Persistence: HermeticWiper uses other tactics such as changing system settings, creating backdoor access, or creating hidden files to ensure it is retained in your system.
Protecting Against Hermaticwiper Attacks
- Keep systems up to date: Install the latest anti-malware software and ensure regular updates for the latest fixes and security patches.
- Regular scans: Increase the frequency of threat scans to identify new malicious files in your system.
- Regular data backup: Back up your data more often to minimize the impact of a HermeticWiper attack in case it happens.
- Separate your data: Keep your private data and files in a remote location to prevent harm by the hermeticWiper attack.
