Breaking
Adobe Patches Actively Exploited Acrobat Reader Flaw CVE-2026-34621 Hackers Hide Credit Card Stealer in Pixel-Sized SVG Images Targeting Magento Stores Microsoft Suspends Developer Accounts for High-Profile Open Source Projects European Commission Confirms Data Breach Linked to Trivy Supply Chain Attack Ransomware Attacks Surge in 2026: Healthcare and Finance Most Targeted Google Chrome Zero-Day Vulnerability Actively Exploited – Update Immediately Adobe Patches Actively Exploited Acrobat Reader Flaw CVE-2026-34621 Hackers Hide Credit Card Stealer in Pixel-Sized SVG Images Targeting Magento Stores Microsoft Suspends Developer Accounts for High-Profile Open Source Projects European Commission Confirms Data Breach Linked to Trivy Supply Chain Attack Ransomware Attacks Surge in 2026: Healthcare and Finance Most Targeted Google Chrome Zero-Day Vulnerability Actively Exploited – Update Immediately
Latest Threat Intel Zero-Days Data Breaches Analysis
Live threat feed May 19, 2026 | 12:10 UTC
4110 CVEs This Month
6 Actively Exploited
2 Ransomware Activity
18 Breaches YTD
Threat Investigation Portal
Investigate an IOC in the live graph workspace.
Investigate IOC
Cybersecurity News

Lotus Wiper Malware Targets Venezuelan Energy Systems in Destructive Attack

Thirumala Rao Padilam Thirumala Rao Padilam April 22, 2026
Lotus Wiper Malware Targets Venezuelan Energy Systems in Destructive Attack

Cybersecurity researchers have uncovered a previously undocumented data wiper malware named Lotus Wiper, used in a destructive campaign that targeted Venezuela’s energy and utilities sector from late 2025 into early 2026. Discovered by Kaspersky, the malware employs batch scripts to initiate destructive activity on infected systems.

What happened

Kaspersky researchers identified a novel file wiping malware called Lotus Wiper that has been deployed in cyberattacks against Venezuela’s energy and utilities infrastructure. The attacks occurred at the end of 2025 and extended into early 2026. The malware operates by leveraging two batch scripts that initiate the wiping process, leading to the destruction of data within targeted systems. This represents a previously undocumented destructive campaign impacting critical sectors in Venezuela.

Why it matters

The emergence of Lotus Wiper highlights ongoing threats to critical infrastructure, particularly within energy and utility sectors that are essential to national stability and security. Destructive malware campaigns pose significant risks by disrupting operations, causing potential cascading effects across dependent services. The targeting of Venezuela’s critical infrastructure underscores the growing trend of using sophisticated malware to inflict harm on nation-state and industrial targets.

What security teams should do

Security teams responsible for critical infrastructure should monitor for unusual wiping activity and suspicious batch script executions to detect potential compromise by Lotus Wiper or similar malware. Incident response plans should incorporate procedures for containment and recovery from data wiping attacks. Organizations should consult technical advisories from cybersecurity vendors such as Kaspersky for updated detection and mitigation strategies specific to Lotus Wiper.

Key technical details

Lotus Wiper is a previously undocumented malware family that uses two batch scripts to initiate file wiping, causing irreversible data destruction. The malware’s destructive payload targets systems within Venezuela’s energy and utilities sector. Details on propagation vectors and exact wiping mechanisms have been reported by Kaspersky but remain limited in public disclosures. The use of batch scripts indicates a reliance on scripting automation to execute destructive commands once deployed.

Affected organizations/products

The Lotus Wiper malware campaign has been observed targeting the energy and utilities sector in Venezuela from the end of 2025 to early 2026. No additional affected countries or sectors have been reported at this time.

Source attribution

https://thehackernews.com/2026/04/lotus-wiper-malware-targets-venezuelan.html

Thirumala Rao Padilam
Written by
Thirumala Rao Padilam
error: Content is protected !!