Wiper Malware
What is Wiper Malware?
Wiper MalwareDestructive malware whose primary goal is to irreversibly erase or corrupt data, firmware, or boot records — not financial gain.
A wiper is malware designed for destruction rather than profit. It overwrites files, disk sectors, partition tables, or firmware so that affected systems become unbootable and data unrecoverable. Some wipers masquerade as ransomware, displaying a ransom note even though no decryption key exists. Wipers are typical of state-sponsored sabotage, hacktivism and wartime cyber operations, and have been used heavily against Ukrainian infrastructure since 2022. Defences emphasize tested offline backups, immutable storage, network segmentation, robust EDR/XDR, restricting admin tools (PsExec, Group Policy), and rapid containment of suspected destructive incidents.
● Examples
- 01
NotPetya (2017), a wiper disguised as ransomware that caused billions in damage.
- 02
HermeticWiper and CaddyWiper, used against Ukrainian targets in 2022.
● Frequently asked questions
What is Wiper Malware?
Destructive malware whose primary goal is to irreversibly erase or corrupt data, firmware, or boot records — not financial gain. It belongs to the Malware category of cybersecurity.
What does Wiper Malware mean?
Destructive malware whose primary goal is to irreversibly erase or corrupt data, firmware, or boot records — not financial gain.
How do you defend against Wiper Malware?
Defences for Wiper Malware typically combine technical controls and operational practices, as detailed in the full definition above.
What are other names for Wiper Malware?
Common alternative names include: Disk wiper, Destructive malware.