As the Tokyo Olympics are in full swing so does the malicious actors. A wiper is targeting the Tokyo Olympics following the footsteps of Olympic Destroyer Wiper which disrupts the Olympic Winter Games in Pyeongchang, South Korea.
DEADWOOD Wiper take place of the Apostle Wiper, which has many logical flaws and it did not work as expected by the attackers named as Agrius. Agrius also utilized DEADWOOD (aka Detbosit), a wiper. It is written in C++ using the Boost libraries.
Apostle is a .NET based malware that evolves from a Wiper to full-featured ransomware. It shares code with another tool from Agris APT arsenal, IPsec Helper.
CoViper is just another threat actor that wants a piece of the pie of the COVID-19 outbreak. CoViper is a Master Boot Locker or MBRLocker. It means it does not encrypt user files but change the Booting "sequence" and hence render a system useless. An advanced computer user can recover it by installing a new MBR.
This Wiper is named as GermanWiper due to its targeting of German victims and it is a destructive wiper rather than ransomware. It destroys its victim's files by filling zeros in it and yet ask for 0.15 BTC or $1500.