BleepingComputer reports that Israeli companies had their Linux systems subjected to attacks involving the new BiBi-Linux wiper malware amid the ongoing conflict between Israel and Palestinian military group Hamas.
Unlike other wiper malware strains that perform data exfiltration and leverage reversible encryption algorithms, BiBi-Linux, which references Israeli Prime Minister Benjamin Netanyahu, proceeds to damage system data and perform a complete wipe of targeted devices' operating system, according to a report from Security Joes' Incident Response team.
File contents are being overwritten and renamed by the malware with an extension based on the "BiBi" string, with the appended number in the extension indicating the total number of file wiping rounds. Meanwhile, BiBi-Linux's lack of any protective measures, including obfuscation and packing, suggests attackers' intent to maximize the effect of their intrusion instead of concealing their operations. Wiper malware has also been leveraged by Russian hacking operations since the Russia-Ukraine war commenced in February 2022.
Ukraine has been targeted by Russian threat actors in the new Operation Texontodisinformation campaign that also involved spear-phishing and credential exfiltration tactics, according to The Hacker News.
Record high ransomware and data extortion incidents experienced by Western nations last year have prompted former National Security Agency Director Michael Rogers to call for a reevaluation of their cybersecurity defense strategy.