Security News > 2024 > May > New BiBi Wiper version also destroys the disk partition table
A new version of the BiBi Wiper malware is now deleting the disk partition table to make data restoration harder, extending the downtime for targeted victims.
BiBi Wiper attacks on Israel and Albania are linked to a suspected Iranian hacking group named 'Void Manticore', which is believed to be affiliated with Iran's Ministry of Intelligence and Security.
A new report from Check Point Research uncovers newer variants of the BiBi wiper and two other custom wipers used by the same threat group, namely Cl Wiper and Partition Wiper.
The newer versions of the BiBi Wiper seen by Check Point corrupt non-system files with random data and append a randomly generated extension containing the "BiBi" string.
Partition Wipers specifically target the system's partition table, so the disk layout cannot be recovered, complicating the data restoration efforts and maximizing the damage done.
New AcidPour data wiper targets Linux x86 network devices.