ETDA สำนักงานพัฒนาธุรกรรมทางอิเล็กทรอนิกส์
Electronic Transactions Development Agency
Report
Search
Home > List all groups > List all tools > List all groups using tool TerraWiper

Threat Group Cards: A Threat Actor Encyclopedia

Permanent link Tool: TerraWiper

NamesTerraWiper
CategoryMalware
TypeWiper
Description(QuoINT) In October 2018 while hunting for TerraCrypt variants we discovered a wiper malware we dubbed TerraWiper. TerraWiper is a Master Boot Record (MBR) wiper compiled from PureBasic, and it uses a slightly different version of the obfuscator used for TerraLoader variants. TerraWiper samples attempt to render a machine unbootable by zero-ing its MBR. Therefore, it would be possible for an infected computer to easily recover the data, or to make the machine boot again by fixing its MBR.
Information<https://quointelligence.eu/2020/01/the-chicken-keeps-laying-new-eggs-uncovering-new-gc-maas-tools-used-by-top-tier-threat-actors/>

Last change to this tool card: 10 July 2020

Download this tool card in JSON format

Previous: TerraTV
Next: TeslaGun

All groups using tool TerraWiper

ChangedNameCountryObserved

APT groups

 Venom Spider, Golden ChickensRussia2017-Feb 2019 

1 group listed (1 APT, 0 other, 0 unknown)

Digital Service Security Center
Electronic Transactions Development Agency

Follow us on

Facebook Twitter

Report incidents

Telephone +66 (0)2-123-1227
E-mail [email protected]