Key Findings Previously undocumented data wiper dubbed Lotus Wiper deployed against Venezuelan energy and utilities sector in late 2025 and early 2026 Multi-stage attack uses two batch scripts to disable system defenses before executing the wiper payload, which overwrites drives and deletes all recoverable data No ransom demands present, indicating destructive intent rather than financial motivation Malware compiled September 2025, uploaded December 2025, suggesting attackers
