ETDA สำนักงานพัฒนาธุรกรรมทางอิเล็กทรอนิกส์
Electronic Transactions Development Agency
Report
Search
Home > List all groups > List all tools > List all groups using tool AcidRain

Threat Group Cards: A Threat Actor Encyclopedia

Permanent link Tool: AcidRain

NamesAcidRain
CategoryMalware
TypeWiper
Description(SentinelOne) AcidRain’s functionality is relatively straightforward and takes a bruteforce attempt that possibly signifies that the attackers were either unfamiliar with the particulars of the target firmware or wanted the tool to remain generic and reusable. The binary performs an in-depth wipe of the filesystem and various known storage device files. If the code is running as root, AcidRain performs an initial recursive overwrite and delete of non-standard files in the filesystem.
Information<https://www.sentinelone.com/labs/acidrain-a-modem-wiper-rains-down-on-europe/>
<https://therecord.media/a-deeper-look-at-the-malware-being-used-on-ukrainian-targets/>
<https://cybersecurity.att.com/blogs/labs-research/analysis-on-recent-wiper-attacks-examples-and-how-they-wiper-malware-works>
Malpedia<https://malpedia.caad.fkie.fraunhofer.de/details/elf.acidrain>

Last change to this tool card: 27 December 2022

Download this tool card in JSON format

All groups using tool AcidRain

ChangedNameCountryObserved

Unknown groups

X_[ Interesting malware not linked to an actor yet ]_ 

1 group listed (0 APT, 0 other, 1 unknown)

Digital Service Security Center
Electronic Transactions Development Agency

Follow us on

Facebook Twitter

Report incidents

Telephone +66 (0)2-123-1227
E-mail [email protected]