A new file wiping malware called Meteor was discovered used in the recent attacks against Iran's railway system. The attack itself is dubbed 'MeteorExpress,' and utilizes a toolkit of batch files and executables to wipe a system, lock the device's Master Boot Record (MBR), and install a screen locker.
A wiper is malware that intentionally deletes files on a computer and causes it to become unbootable. Unlike ransomware attacks, destructive wiper attacks are not used to generate revenue for the attackers. Instead, their goal is to cause chaos for an organization or to distract admins while another attack is taking place.