A very interesting story of Iranian hackers (whether government sponsored or sanctioned does not matter) attacked and deleted a lot of files using Visual Basic. (I know from 2014 attack – but that is when we get the most amount of data sometimes…)
Apparently the billionaire owner pissed off some hacktivists in Iran after he made a statement of “nuking Iran”. The Las Vegas Sands hotels and casinos were attacked at the weakest place a hotel in Bethlehem, PA. And from there they were able to obtain an admin userid/pw combo that had access to the main casinos in Las Vegas.
Once accessing the main network, they installed malware built with Visual Basic.
The Palazzo is in http://www.sands.com/united-states.html Las Vegas.
Hackers used the open source tool mimikatz
https://github.com/gentilkiwi/mimikatz
Here is a tutorial on the pentestlab blog
mimikatz can get more passwords from the targeted machine quickly.
Threatpost has some details of the malware that wipes hard drives.
https://threatpost.com/details-emerge-on-sony-wiper-malware-destover/109727/
As mentioned, Cryptolocker is also software that destroys files (or renders them unusable) http://oversitesentry.com/unplug-your-synology-devices-cryptolocker-ransomware-will-encrypt/
This analysis of the
Darkseoul-Jokra malware https://www.fidelissecurity.com/sites/default/files/FTA%201008%20-%20Darkseoul-Jokra%20Analysis%20and%20Recovery.pdf
This is the most interesting portion in my opinion: