DoubleZero
Description
(Talos) The Computer Emergency Response Team of Ukraine released an advisory on March 22, 2022 disclosing another wiper dubbed ‘DoubleZero’ targeting Ukrainian enterprises during Russia’s invasion of the country. This wiper was detected as early as March 17, 2022. DoubleZero is yet another wiper discovered in addition to previously disclosed attacks we’ve seen in Ukraine over the past two months, such as ‘CaddyWiper’ ‘HermeticWiper’ and ‘WhisperGate.’
DoubleZero is a .NET-based implant that destroys files, registry keys and trees on the infected endpoint.
Names
| Name |
|---|
| DoubleZero |
| FiberLake |
Category
Malware
Type
- Wiper
Information
- https://blog.talosintelligence.com/2022/03/threat-advisory-doublezero.html
- https://therecord.media/a-deeper-look-at-the-malware-being-used-on-ukrainian-targets/
- https://cybersecurity.att.com/blogs/labs-research/analysis-on-recent-wiper-attacks-examples-and-how-they-wiper-malware-works
- https://unit42.paloaltonetworks.com/doublezero-net-wiper/
Malpedia
Other Information
Uuid
52b5ac80-4227-4351-8032-52ea1a878d6e
Last Card Change
2022-12-27