Suspected Russian Data-Wiping ‘AcidPour’ Malware Targeting Linux x86 Devices

A new variant of a data-wiping malware called AcidRain has been detected in the wild that is specifically designed for targeting Linux x86 devices.

The malware, dubbed AcidPour, is compiled for Linux x86 devices, SentinelOne’s Juan Andres Guerrero-Saade said in a series of posts on X.

“The new variant […] is an ELF binary compiled for x86 (not MIPS) and while it refers to similar devices/strings, it is a largely different codebase,” Guerrero-Saade noted.

AcidRain first came to light in the early days of the Russo-Ukrainian war, with the malware deployed against KA-SAT modems from U.S. satellite company Viasat.

The ELF binary, compiled for MIPS architectures, is capable of wiping the filesystem and different known storage device files by recursively iterating over common directories for many Linux distributions.

The cyber attack was subsequently attributed to Russia by the Five Eyes nations, along with Ukraine and the European Union.

AcidPour, as the new variant is called, is designed to erase content from RAID arrays and Unsorted Block Image (UBI) file systems through the addition of file paths like “/dev/dm-XX” and “/dev/ubiXX,” respectively.
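
For defenders triaging unknown Linux binaries, the two traits described above (the ELF target architecture and references to the /dev/dm- and /dev/ubi device families) can be checked statically. The following Python sketch is an added example, not code from SentinelOne or from the original article; the function names and the sample bytes are constructed for illustration, and the exact form of the strings inside a real sample is an assumption.

```python
import re
import struct
from typing import Optional

# e_machine values from the ELF specification.
MACHINES = {3: "x86", 8: "MIPS", 62: "x86-64"}

# Path prefixes taken from the article; what follows the prefix in a real
# sample (digits, a format specifier) is an assumption, so match any
# printable, non-space ASCII run.
DEVICE_PATHS = re.compile(rb"/dev/(?:dm-|ubi)[\x21-\x7e]*")


def elf_machine(data: bytes) -> Optional[str]:
    """Return the target architecture of an ELF image, or None if not ELF."""
    if len(data) < 20 or data[:4] != b"\x7fELF":
        return None
    # e_ident[EI_DATA] (offset 5): 1 = little-endian, 2 = big-endian.
    if data[5] not in (1, 2):
        return None
    endian = "<" if data[5] == 1 else ">"
    # e_machine is a 16-bit field at offset 18 in both ELF32 and ELF64.
    (machine,) = struct.unpack_from(endian + "H", data, 18)
    return MACHINES.get(machine, "other (%d)" % machine)


def triage(data: bytes) -> dict:
    """Summarise architecture and storage-device path references."""
    arch = elf_machine(data)
    paths = sorted({m.group().decode("ascii") for m in DEVICE_PATHS.finditer(data)})
    return {"arch": arch, "device_paths": paths,
            "review": arch is not None and bool(paths)}


def constructed_sample(ei_data: int, machine: int) -> bytes:
    """Constructed test bytes: a bare ELF header followed by two strings."""
    endian = "<" if ei_data == 1 else ">"
    ident = b"\x7fELF" + bytes([1, ei_data, 1]) + b"\x00" * 9
    header = ident + struct.pack(endian + "HH", 2, machine)
    return header + b"\x00" * 32 + b"/dev/dm-%d\x00/dev/ubi%d\x00"


if __name__ == "__main__":
    print(triage(constructed_sample(1, 3)))   # x86, little-endian
    print(triage(constructed_sample(2, 8)))   # MIPS, big-endian
```

Legitimate storage utilities also reference these device nodes, so a hit is a reason to look closer at a binary, not a verdict on it.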

It is currently not clear who the intended victims are, although SentinelOne said it notified Ukrainian agencies. The exact scale of the attacks is presently unknown.

The discovery once again underscores the use of wiper malware to cripple targets, even as threat actors are diversifying their attack methods for maximum impact.

