Skip to main content
Press slash or control plus K to focus the search. Use the arrow keys to navigate results and press enter to open a threat.

Threats Tagged 't1485'

View all threats tagged with 't1485'. Filter and sort to focus on specific types of threats.

Pro Console Lifetime

Stop chasing alerts. Route them.

Start free, then upgrade once to turn Radar into an automated delivery engine for your security stack.

Custom feeds / Automations: email, Slack, webhooks, SIEM/MISP / API access (baseline limits)

View Plans & Pricing

API access activates after upgrading in Console -> Billing.

Breach by OffSeqOFFSEQFRIENDS — 25% OFF

Check if your credentials are on the dark web

Instant breach scanning across billions of leaked records. Free tier available.

Scan now

Filter Threats

Narrow down the results by type, severity, or affected countries

Search threats by title, CVE ID, or description. Maximum 100 characters.
Active filters (1):Tag: t1485

Threats Tagged 't1485'

Click on any threat for detailed analysis and mitigation recommendations

GigaWiper: Anatomy of a destructive backdoor assembled from multiple malware
0

GigaWiper is a sophisticated Golang-based backdoor discovered in October 2025 that integrates command-and-control features with multiple destructive payloads. It combines functionality from at least three malware families, including a physical disk wiper, a fake ransomware component encrypting files with unsaved keys, and an enhanced multi-pass secure wiper. The backdoor supports 20 commands for control, system information gathering, and destructive actions such as disk wiping, screen recording, remote control, BSOD triggering, and event log clearing. Persistence is maintained via scheduled tasks, and communication occurs through RabbitMQ and Redis servers. No specific affected software versions or patches are identified, and no known exploits in the wild have been reported. The severity is assessed as medium based on the destructive capabilities described.

Join the discussion
Gamers beware: malicious wallpapers on Steam found stealing accounts
0

Since late 2025, cybercriminals have been exploiting Wallpaper Engine, a popular live wallpaper application on Steam, to distribute malware through Steam Workshop. Attackers target primarily Chinese and Russian gamers by embedding malicious code within application wallpapers shared on the platform. These compromised wallpapers deliver various malware types including infostealers, backdoors, crypto miners, and ransomware. One analyzed sample dropped DarkKomet backdoor while hijacking Steam sessions to steal account credentials. The malware modifies system libraries to locate Steam installations and exfiltrate data to attacker-controlled servers. Compromised accounts are then used to upload additional malicious wallpapers. The diverse malware families suggest multiple independent hacking groups are exploiting this distribution method. Infected wallpapers received thousands of downloads before removal, with 89% of infections occurring in China.

Join the discussion

Showing 1 to 2 of 2 results

Filters:Tag: t1485
Page 1 of 1
OffSeq TrainingCredly Certified

Lead Pen Test Professional

Technical5-day eLearningPECB Accredited
View courses