Data-destroying malware has a new attack method

According to TechRadar , BiBi Wiper, a notorious data-destroying malware, has just been upgraded with the ability to wipe the hard drive partition table, making data recovery extremely difficult.

According to security researchers, the latest version of the BiBi Wiper malware works on both Linux and Windows operating systems. It not only wipes all data on the hard drive, but also destroys the partition table, which stores information about the drive's structure. This makes it almost impossible to recover data using traditional methods.

BLEEPINGCOMPUTER SCREENSHOT

BiBi Wiper is believed to have been developed by the Iranian government- sponsored hacking group Void Manticore. Their targets include organizations in Israel and Albania. In addition to BiBi Wiper, Void Manticore also uses two other data destruction tools: Cl Wiper and Partition Wiper. The malware is believed to be linked to Scarred Manticore, another Iran-backed hacking group.

Scarred Manticore specializes in performing initial intrusions into target networks, then handing over access to Void Manticore to perform subsequent actions, including data theft and destruction.

To infiltrate target networks, Scarred Manticore often exploits the CVE-2019-0604 vulnerability in Microsoft Sharepoint. This vulnerability allows them to move laterally across the network and steal emails.

To protect themselves from BiBi Wiper, users need to update software regularly, install reputable antivirus software and back up data regularly.