IsaacWiper and HermeticWizard

  |  Source: 

IsaacWiper and HermeticWizard

Researchers at ESET have identified another wiper, IsaacWiper that was compiled as early as October 19th, 2021 and deployed against Ukraine on February 24th, 2022. There are limited details regarding IsaacWiper, as investigation is still on-going. Alternatively, a new support malware for HermeticWiper was identified named HermeticWizard. The malware HermeticWizard aids the wiper component as it "spreads HermeticWiper across a local network via WMI and SMB." There are no coding similarities between the two wiper malware HermeticWiper and IsaacWiper. Both HermeticWiper and HermeticWizard use the same (now revoked) code-signing certificate from "Hermetica Digital Ltd issued on April 13th, 2021."


Get trending threats published weekly by the Anvilogic team.

Sign Up Now