KillDisk a malware variant designed to wipe data from hard drives. KillDisk was used by cyber-espionage group Sandworm team, also known as TeleBots, to target and sabotage ICS/SCADA networks in the Ukraine. The December 2015 cyber-attack was the first of its kind, resulting in a power outage that lasted up to 6 hours and affected approximately 225,000 people. In late 2016, it was used again by Sandworm team to target Ukrainian banks. In early 2017, a separate KillDisk version was discovered with ransomware capabilities.
- March 2016: KillDisk used in cyber-attack causing power outage in the Ukraine. (Wired)
- December 2016: Sandworm team targets Ukrainian banks with KillDisk malware. (Security Affairs)
- January 2018: New KillDisk variant targets financial institutions in Latin America. (Trend Micro)
- June 2018: New KillDisk variant targets Latin American financial organizations again. (Trend Micro)
- ESET provides technical analysis on KillDisk here.