{"id":61035,"date":"2026-07-10T17:35:00","date_gmt":"2026-07-10T17:35:00","guid":{"rendered":"https:\/\/www.theregister.com\/a\/5270053"},"modified":"2026-07-10T17:35:00","modified_gmt":"2026-07-10T17:35:00","slug":"destructive-windows-backdoor-stuffs-multiple-wipers-and-ransomware-code-into-a-single-package","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/destructive-windows-backdoor-stuffs-multiple-wipers-and-ransomware-code-into-a-single-package\/","title":{"rendered":"Destructive Windows backdoor stuffs multiple wipers and ransomware code into a single package"},"content":{"rendered":"<div><img decoding=\"async\" src=\"https:\/\/image.theregister.com\/5270084.jpg?imageId=5270084&amp;x=0&amp;y=0&amp;cropw=100&amp;croph=100&amp;panox=0&amp;panoy=0&amp;panow=100&amp;panoh=100&amp;width=1200&amp;height=683\" class=\"ff-og-image-inserted\"><\/div>\n<div data-element-guid=\"d11159dd-82a3-4c53-901c-d41dec75505c\" readability=\"31.434306569343\">\n<p class=\"kicker \">security<\/p>\n<p class=\"subtitle \">Microsoft says GigaWiper combines at least 3 malware families into one modular tool<\/p>\n<\/p><\/div>\n<div data-element-guid=\"4c9dc5d9-c886-4348-bf4a-01d0dc71377d\" readability=\"106.24917218543\">\n<p>A newly identified <a href=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2026\/07\/09\/gigawiper-anatomy-of-a-destructive-backdoor-assembled-from-multiple-malware\/\">destructive Windows backdoor<\/a> combines ransomware-like encryption with multiple data-wiping features, according to Microsoft.<\/p>\n<p>Last October, the Redmond threat-hunting team first spotted attacks using the Golang-based implant they&#8217;ve named GigaWiper.&nbsp;<\/p>\n<p>Its developers stuffed multiple malware families into the software as on-demand commands, giving criminals a Swiss Army knife of command-and-control (C2) and destructive capabilities, including multiple wiping commands and file encryption without any possibility of decryption.<\/p>\n<p>\u201cThe consolidation of multiple destructive capabilities into a modular backdoor reflects a notable shift in wiper malware, which are typically designed purely to destroy rather than to extort and carry real-world consequences,\u201d Microsoft Threat Intelligence <a href=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2026\/07\/09\/gigawiper-anatomy-of-a-destructive-backdoor-assembled-from-multiple-malware\/#conclusion-multiple-destructive-capabilities-consolidated-into-a-single-implant\" rel=\"nofollow\">wrote<\/a> in a Thursday blog. <\/p>\n<p>Microsoft declined to answer <span class=\"italic m-italic \" data-lab-italic=\"italic\">The Register<\/span>&#8216;s questions about the scale and scope of GigaWiper attacks.<\/p>\n<p>In the blog, Redmond\u2019s malware analysts said they uncovered two types of GigaWiper samples in victims\u2019 environments, and both are unstripped portable executable files written in Golang.&nbsp;<\/p>\n<p>One is a standalone <a href=\"https:\/\/www.theregister.com\/security\/2026\/04\/28\/dont-pay-vect-a-ransom-your-big-files-are-likely-gone\/5227697\">wiper<\/a> that operates at the physical disk level, as opposed to deleting individual files. It overwrites raw disk content, removes partition metadata, and then reboots the system using Windows shutdown functionality with restart and zero-delay.<\/p>\n<p>The second sample is the more interesting one. It includes the same disk-wiping functionality, but that\u2019s just one component of the backdoor. This malware also establishes persistence and sets up C2 communication using RabbitMQ over AMQP for receiving commands from the C2 server, and Redis for updating command status and output.<\/p>\n<p>GigaWiper also organizes its commands into different categories, including &#8220;always run&#8221; for tasks such as continuous screen recording, &#8220;manage command&#8221; for system management functions, and separate &#8220;special command&#8221; and &#8220;shell command&#8221; modes for executing additional functionality.<\/p>\n<div data-element-guid=\"afe083ca-6701-48e9-9bd8-f8827dd7fb42\" class=\"lab4 column articleList layout_vertical imageLayout_left small-12 large-12 small-abs-12 large-abs-12 abs_grid_12 grid-vas-start mobile-grid-vas-start\">\n<div class=\"content border_width_0 border_width_mobile_0 border-radius-48 border-radius-mobile_48\">\n<h2 class=\"article-list-title t19 font-RobotoCondensed\">MORE CONTEXT<\/h2>\n<\/p><\/div>\n<\/div>\n<p>These include the standalone wiper command, along with another command that disables Windows recovery, triggers a blue screen of death (BSOD), and leaves the device unable to boot.<\/p>\n<p>It also has a destructive command based largely on Crucio ransomware. It encrypts files with randomly generated keys that are never saved, which means victim organizations will <a href=\"https:\/\/www.theregister.com\/security\/2026\/04\/08\/criminal-wannabes-even-more-dangerous-than-the-pros\/5221722\">never be able to decrypt these files<\/a>.<\/p>\n<p>Another command bulk encrypts or decrypts files with AES-256 in Cipher Block Chaining (CBC) mode, while a different command uses MinIO Client (mc) to upload stolen files to remote storage.<\/p>\n<p>The malware also runs PowerShell commands, takes screen shots and recordings of the compromised device, collects system info, clears Windows event logs, and allows remote control over the system along with keyboard and mouse control &#8211; among other capabilities that attackers can use at will.<\/p>\n<p>According to Redmond, GigaWiper combines components from at least three previously separate malware families, including Crucio ransomware, a Go reimplementation of FlockWiper, and a standalone disk wiper.<\/p>\n<p>\u201cOverall, these findings show the evolution of the actor\u2019s tooling over time,\u201d the security sleuths wrote. \u201cFunctionality was merged into a single robust backdoor, granting the actor more ways to control and destroy infected systems.\u201d \u00ae<\/p>\n<\/p><\/div>\n<p><img decoding=\"async\" src=\"https:\/\/image.theregister.com\/?imageId=5270084&#038;width=800\">READ MORE <a href=\"https:\/\/www.theregister.com\/security\/2026\/07\/10\/destructive-windows-backdoor-stuffs-multiple-wipers-and-ransomware-code-into-a-single-package\/5270053\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p> Microsoft says GigaWiper combines at least 3 malware families into one modular tool READ MORE HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":61036,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[63],"tags":[307],"class_list":["post-61035","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-the-register","tag-security"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v28.0 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Destructive Windows backdoor stuffs multiple wipers and ransomware code into a single package 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/destructive-windows-backdoor-stuffs-multiple-wipers-and-ransomware-code-into-a-single-package\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Destructive Windows backdoor stuffs multiple wipers and ransomware code into a single package 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/destructive-windows-backdoor-stuffs-multiple-wipers-and-ransomware-code-into-a-single-package\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2026-07-10T17:35:00+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/image.theregister.com\/5270084.jpg?imageId=5270084&amp;x=0&amp;y=0&amp;cropw=100&amp;croph=100&amp;panox=0&amp;panoy=0&amp;panow=100&amp;panoh=100&amp;width=1200&amp;height=683\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/destructive-windows-backdoor-stuffs-multiple-wipers-and-ransomware-code-into-a-single-package\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/destructive-windows-backdoor-stuffs-multiple-wipers-and-ransomware-code-into-a-single-package\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"Destructive Windows backdoor stuffs multiple wipers and ransomware code into a single package\",\"datePublished\":\"2026-07-10T17:35:00+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/destructive-windows-backdoor-stuffs-multiple-wipers-and-ransomware-code-into-a-single-package\\\/\"},\"wordCount\":513,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/destructive-windows-backdoor-stuffs-multiple-wipers-and-ransomware-code-into-a-single-package\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2026\\\/07\\\/destructive-windows-backdoor-stuffs-multiple-wipers-and-ransomware-code-into-a-single-package.jpg\",\"keywords\":[\"Security\"],\"articleSection\":[\"The Register\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/destructive-windows-backdoor-stuffs-multiple-wipers-and-ransomware-code-into-a-single-package\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/destructive-windows-backdoor-stuffs-multiple-wipers-and-ransomware-code-into-a-single-package\\\/\",\"name\":\"Destructive Windows backdoor stuffs multiple wipers and ransomware code into a single package 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/destructive-windows-backdoor-stuffs-multiple-wipers-and-ransomware-code-into-a-single-package\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/destructive-windows-backdoor-stuffs-multiple-wipers-and-ransomware-code-into-a-single-package\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2026\\\/07\\\/destructive-windows-backdoor-stuffs-multiple-wipers-and-ransomware-code-into-a-single-package.jpg\",\"datePublished\":\"2026-07-10T17:35:00+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/destructive-windows-backdoor-stuffs-multiple-wipers-and-ransomware-code-into-a-single-package\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/destructive-windows-backdoor-stuffs-multiple-wipers-and-ransomware-code-into-a-single-package\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/destructive-windows-backdoor-stuffs-multiple-wipers-and-ransomware-code-into-a-single-package\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2026\\\/07\\\/destructive-windows-backdoor-stuffs-multiple-wipers-and-ransomware-code-into-a-single-package.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2026\\\/07\\\/destructive-windows-backdoor-stuffs-multiple-wipers-and-ransomware-code-into-a-single-package.jpg\",\"width\":100,\"height\":70},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/destructive-windows-backdoor-stuffs-multiple-wipers-and-ransomware-code-into-a-single-package\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Security\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/tag\\\/security\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Destructive Windows backdoor stuffs multiple wipers and ransomware code into a single package\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Destructive Windows backdoor stuffs multiple wipers and ransomware code into a single package 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/destructive-windows-backdoor-stuffs-multiple-wipers-and-ransomware-code-into-a-single-package\/","og_locale":"en_US","og_type":"article","og_title":"Destructive Windows backdoor stuffs multiple wipers and ransomware code into a single package 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/destructive-windows-backdoor-stuffs-multiple-wipers-and-ransomware-code-into-a-single-package\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2026-07-10T17:35:00+00:00","og_image":[{"url":"https:\/\/image.theregister.com\/5270084.jpg?imageId=5270084&amp;x=0&amp;y=0&amp;cropw=100&amp;croph=100&amp;panox=0&amp;panoy=0&amp;panow=100&amp;panoh=100&amp;width=1200&amp;height=683","type":"","width":"","height":""}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/destructive-windows-backdoor-stuffs-multiple-wipers-and-ransomware-code-into-a-single-package\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/destructive-windows-backdoor-stuffs-multiple-wipers-and-ransomware-code-into-a-single-package\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"Destructive Windows backdoor stuffs multiple wipers and ransomware code into a single package","datePublished":"2026-07-10T17:35:00+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/destructive-windows-backdoor-stuffs-multiple-wipers-and-ransomware-code-into-a-single-package\/"},"wordCount":513,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/destructive-windows-backdoor-stuffs-multiple-wipers-and-ransomware-code-into-a-single-package\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2026\/07\/destructive-windows-backdoor-stuffs-multiple-wipers-and-ransomware-code-into-a-single-package.jpg","keywords":["Security"],"articleSection":["The Register"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/destructive-windows-backdoor-stuffs-multiple-wipers-and-ransomware-code-into-a-single-package\/","url":"https:\/\/www.threatshub.org\/blog\/destructive-windows-backdoor-stuffs-multiple-wipers-and-ransomware-code-into-a-single-package\/","name":"Destructive Windows backdoor stuffs multiple wipers and ransomware code into a single package 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/destructive-windows-backdoor-stuffs-multiple-wipers-and-ransomware-code-into-a-single-package\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/destructive-windows-backdoor-stuffs-multiple-wipers-and-ransomware-code-into-a-single-package\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2026\/07\/destructive-windows-backdoor-stuffs-multiple-wipers-and-ransomware-code-into-a-single-package.jpg","datePublished":"2026-07-10T17:35:00+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/destructive-windows-backdoor-stuffs-multiple-wipers-and-ransomware-code-into-a-single-package\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/destructive-windows-backdoor-stuffs-multiple-wipers-and-ransomware-code-into-a-single-package\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/destructive-windows-backdoor-stuffs-multiple-wipers-and-ransomware-code-into-a-single-package\/#primaryimage","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2026\/07\/destructive-windows-backdoor-stuffs-multiple-wipers-and-ransomware-code-into-a-single-package.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2026\/07\/destructive-windows-backdoor-stuffs-multiple-wipers-and-ransomware-code-into-a-single-package.jpg","width":100,"height":70},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/destructive-windows-backdoor-stuffs-multiple-wipers-and-ransomware-code-into-a-single-package\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"Security","item":"https:\/\/www.threatshub.org\/blog\/tag\/security\/"},{"@type":"ListItem","position":3,"name":"Destructive Windows backdoor stuffs multiple wipers and ransomware code into a single package"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/61035","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=61035"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/61035\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media\/61036"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=61035"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=61035"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=61035"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}