Home / Technology

Photo of person at computer, code, software
Image: via cdn.mos.cms.futurecdn.net
Technology

Microsoft Warns of 'GigaWiper' Malware with Destructive Capabilities

WireByte Staff · July 10, 2026

Microsoft has discovered a new multi-malware package called 'GigaWiper' attributed to Iranian group CyberAv3ngers. It can wipe drives, encrypt files, and spy on victims via screenshots and system data theft. The malware hides under fake OneDrive tasks and registry keys, with no recovery path for victims' data.

Key points

  • Microsoft discovered 'GigaWiper', a malware package attributed to Iranian group CyberAv3ngers.
  • GigaWiper combines multiple variants to wipe drives, encrypt files, and spy on victims.
  • The malware hides under fake OneDrive tasks and registry keys, with no recovery path for victims' data.
  • Microsoft warns that GigaWiper can destroy contents of the disk directly, with no ransom note or decryption key.
  • The malware is attributed to Iranian state-sponsored threat actors, with a possible cheeky dig at Microsoft.
  • Experts are analyzing the malware's obfuscation mechanism, which may provide clues to its creators.

Microsoft has issued a warning about a new piece of malware called 'GigaWiper', which has been attributed to Iranian group CyberAv3ngers. The malware package combines multiple variants to wipe drives, encrypt files, and spy on victims. GigaWiper hides under fake OneDrive tasks and registry keys, making it difficult to detect.

The malware's destructive capabilities are a major concern, as it can destroy contents of the disk directly with no ransom note or decryption key. This means that victims will have no way to recover their data, making it a particularly malicious piece of malware.

Experts are analyzing the malware's obfuscation mechanism, which may provide clues to its creators. The malware's attribution to Iranian state-sponsored threat actors is also a concern, as it highlights the ongoing threat of nation-state sponsored cyber attacks.

Microsoft's warning serves as a reminder of the importance of staying vigilant and taking proactive measures to protect against malware attacks. Users are advised to be cautious when opening emails and attachments, and to keep their software up to date with the latest security patches.

Sources

WireByte Staff — Editorial Team

The WireByte editorial team synthesises technology news from multiple primary sources, verifies the facts, and links every source. Articles are produced with AI assistance and reviewed under our editorial policy.