THE article discusses a new Windows malware called GigaWiper, identified by Microsoft. This modular backdoor, seen in cyber intrusions since October 2025, combines remote access capabilities with multiple destructive functions. Key features include various data destruction methods like raw disk wiping, fake ransomware attacks, and monitoring functions like screen capture. GigaWiper features about 20 commands for destruction, monitoring, and system management.
It maintains persistence through a scheduled task and connects to specific command-and-control servers. To defend against it, users are advised to disconnect affected machines, enable tamper protection, and monitor for specific malicious activities. Detection is possible with Malwarebytes' identified names.