ETDA สำนักงานพัฒนาธุรกรรมทางอิเล็กทรอนิกส์
Electronic Transactions Development Agency
Report
Search
Home > List all groups > List all tools > List all groups using tool DoubleZero

Threat Group Cards: A Threat Actor Encyclopedia

Permanent link Tool: DoubleZero

NamesDoubleZero
FiberLake
CategoryMalware
TypeWiper
Description(Talos) The Computer Emergency Response Team of Ukraine released an advisory on March 22, 2022 disclosing another wiper dubbed 'DoubleZero' targeting Ukrainian enterprises during Russia's invasion of the country. This wiper was detected as early as March 17, 2022. DoubleZero is yet another wiper discovered in addition to previously disclosed attacks we've seen in Ukraine over the past two months, such as 'CaddyWiper' 'HermeticWiper' and 'WhisperGate.'

DoubleZero is a .NET-based implant that destroys files, registry keys and trees on the infected endpoint.
Information<https://blog.talosintelligence.com/2022/03/threat-advisory-doublezero.html>
<https://therecord.media/a-deeper-look-at-the-malware-being-used-on-ukrainian-targets/>
<https://cybersecurity.att.com/blogs/labs-research/analysis-on-recent-wiper-attacks-examples-and-how-they-wiper-malware-works>
<https://unit42.paloaltonetworks.com/doublezero-net-wiper/>
Malpedia<https://malpedia.caad.fkie.fraunhofer.de/details/win.doublezero>

Last change to this tool card: 27 December 2022

Download this tool card in JSON format

Previous: DoublePulsar
Next: DoubleT

All groups using tool DoubleZero

ChangedNameCountryObserved

Unknown groups

X_[ Interesting malware not linked to an actor yet ]_ 

1 group listed (0 APT, 0 other, 1 unknown)

Digital Service Security Center
Electronic Transactions Development Agency

Follow us on

Facebook Twitter

Report incidents

Telephone +66 (0)2-123-1227
E-mail [email protected]