How wiper malware works, and why it’s so devastating

A newly discovered wiper malware, PathWiper, was deployed in Ukraine in June 2025 via legitimate endpoint administration tools. It overwrote files, and the grueling recovery has involved full rebuilds.

Unlike earlier wipers that blindly iterated through drive numbers, PathWiper is precise, verifying valid volumes before corrupting them, according to the industry publication Security Affairs.

Wiper malware is a particularly destructive type of malicious software designed with one primary goal: to cause irreparable damage to an organization's information systems. Unlike ransomware, which typically encrypts data for a ransom, wiper malware aims to completely take systems offline by destroying data and making recovery impossible.

Read more