Find notable cyber news and cases, enriched with sources, timelines, and signals.
Home Browse News Feed Stats Watchlists Beta About Contact

Lotus Wiper destructive activity against Venezuelan energy systems

Malware Activity
First reported
Last updated
Happening score
H score 36
1 unique sources, 1 articles

Summary

Hide ▲

Researchers uncovered Lotus Wiper, a previously undocumented data wiper, in destructive attacks against Venezuela. The operation targeted the energy and utilities sector and used batch scripts to disable defenses before launching the payload. The wiper is designed to erase recovery options, overwrite drives, and leave systems in an inoperable state.

Related Happenings

Vect 2.0 ransomware wiper-flaw activity

Malware Activity
First: 29.04.2026 18:23 Last: 29.04.2026 18:23 Sources 1

About this happening: The **Vect 2.0** ransomware variant now **permanently destroys large files** instead of encrypting them, which can leave defenders without a recoverable copy. The flaw affects ver...

Open Happening

Lotus Wiper destructive campaign targeting Venezuela's energy and utilities sector

Campaign
First: 22.04.2026 13:55 Last: 22.04.2026 13:55 Sources 1

How related: Dubbed Lotus Wiper, the novel file wiper has been used in a destructive campaign targeting the energy and utilities sector in Venezuela, per findings from Kaspersky.

About this happening: The **Lotus Wiper** operation targeted **Venezuela's energy and utilities sector** in a **destructive campaign** spanning the end of **2025** and the start of **2026**, indicating...

Open Happening

Lotus data-wiping malware used against Venezuelan energy and utilities organizations

Malware Activity
First: 21.04.2026 21:38 Last: 21.04.2026 21:38 Sources 1

About this happening: The **Lotus** data-wiping malware was used in **targeted attacks** against **energy and utilities organizations in Venezuela**, putting victims at risk of irreversible system dest...

Open Happening

Transparent Tribe AI-assisted implant campaign targeting India

Campaign
First: 06.03.2026 17:11 Last: 06.03.2026 17:11 Sources 1

About this happening: **Transparent Tribe (APT36)** is using **AI-powered coding tools** to mass-produce disposable implants in an active **campaign** targeting the **Indian government**, its embassies...

Open Happening

Timeline

  1. 22.04.2026 13:55 2 articles · 1mo ago

    Lotus Wiper disclosed in Venezuelan destructive campaign

    Initial Disclosure

    Kaspersky disclosed Lotus Wiper as a previously undocumented file wiper used against energy and utilities organizations in Venezuela, describing a destructive chain built around two batch scripts that disable defenses, check NETLOGON access, and launch a final payload that deletes restore points, overwrites physical sectors, clears USN journal metadata, and wipes mounted volumes. The activity was described as highly targeted and not motivated by extortion or payment demands.

    Show sources
    Open in new tab