Hackfest 2023 - Back to the Future

A Primer on Wipers
10-14, 13:30–13:50 (Canada/Eastern), Workshops & Speed
Language: English

We'll be taking a look into the history and technical evolution of wiper malware, starting from Shamoon all the way to the modern-day wipers found in the Russia-Ukraine conflict.


There's several topics we'll cover:

In the first section, we'll talk about what wipers are and how they are defined in academic literature as well as security news reporting. We'll establish what the general motive of a wiper attack is, what threat actors tend to use wipers, and what the typical patterns are in terms of tactics and techniques.

In the second section, we'll discuss the chronological history of wipers and use it to frame how wiper malware has evolved over time. The central focus of this to highlight the commonalities and recurring themes through history even as the technical sophistication can grow.

Finally, we'll discuss some of the various types of wiper malware identified in the modern-day, particularly the wiper attacks on Ukraine.

Throughout the talk, we'll be citing several different sources from academic and industry research. My hope is that this talk can provide a helpful jumpstart for those who are interested to dive deeper, but the presentation itself should provide a helpful summary of what we know about wipers today.


Are you releasing a tool?

No

Ali Maredia is a security engineer, working on enterprise security architecture and developing security tools. Prior to that, he worked as a security engineer in the financial industry, specializing in threat intelligence. With a background in software engineering, Ali holds a bachelor's degree from the University of Texas at Austin. His interests include CTFs and teaching programming to underprivileged youth.