BiBi Wiper, a destructive malware, has recently been updated to include a feature that can erase the hard drive partition table. This enhancement makes it extremely difficult to recover any data that has been wiped by the malware. The latest version of BiBi Wiper is capable of affecting both Linux and Windows operating systems. In addition to wiping all data on the hard drive, it also destroys the partition table, making traditional data recovery methods nearly impossible.
The malware is attributed to the Void Manticore hacker group, allegedly funded by the Iranian government, and is known for targeting organizations in Israel and Albania. Void Manticore also utilizes two other data destruction tools, namely Cl Wiper and Partition Wiper, and is believed to be linked to another Iranian-backed hacker group called Scarred Manticore.
Scarred Manticore specializes in initial network intrusions, followed by granting access to Void Manticore for further actions, such as data theft and destruction. To infiltrate target networks, Scarred Manticore exploits the CVE-2019-0604 vulnerability in Microsoft Sharepoint, enabling them to move across the network and steal emails.
To protect against BiBi Wiper, users should ensure that their software is regularly updated, install reputable anti-virus programs, and regularly back up their data.
