AcidPour
Description
(SentinelOne) On March 16th, 2024, we identified a suspicious Linux binary uploaded from Ukraine. Initial analysis showed surface similarities with the infamous AcidRain wiper used to disable KA-SAT modems across Europe at the start of the Russian invasion of Ukraine (commonly identified by the ‘Viasat hack’ misnomer). Since our initial finding, no similar samples or variants have been detected or publicly reported until now. This new sample is a confirmed variant we refer to as ‘AcidPour’, a wiper with similar and expanded capabilities.
Names
| Name |
|---|
| AcidPour |
Category
Malware
Type
- Wiper
Information
- https://www.sentinelone.com/labs/acidpour-new-embedded-wiper-variant-of-acidrain-appears-in-ukraine/
Mitre Attack
Malpedia
Other Information
Uuid
9ccc7961-d80b-4406-b644-214e82cdf048
Last Card Change
2025-06-28