Full Story;Microsoft has discovered a destructive Windows backdoor called GigaWiper that gives its operators remote control over infected computers before allowing them to trigger several forms of permanent system damage.
Malware Families
Researchers first identified the malware during destructive attacks in October 2025. Their analysis found that GigaWiper was not developed as one dedicated wiping tool. Its operators combined code from at least three older malware families and placed their destructive functions inside a single backdoor.
Once installed, GigaWiper can maintain access through a scheduled task disguised as “OneDrive Update.” The task runs at startup and every minute, allowing the malware to remain active while receiving commands through RabbitMQ servers and returning results through Redis.
According to Microsoft, operators can choose between several destructive actions depending on their objective. One command removes partition information, overwrites physical drives, and forces the computer to restart. Another targets only the Windows installation drive and overwrites its contents several times.
Microsoft Warns of GigaWiper Backdoor Built to Destroy Windows PCs
Microsoft details GigaWiper, a destructive Windows backdoor that can wipe disks, encrypt files and give attackers remote access to compromised systems globally.
hackread.com