Network Security, Threat Intelligence, Malware

Updated BiBi Wiper malware leveraged in attacks against Israel, Albania

Warning icon on a digital LCD display with reflection.

BleepingComputer reports that Israel and Albania have been subjected to attacks with an updated version of the BiBi Wiper malware with disk partition table deletion capabilities, which has been linked with suspected Iranian state-sponsored hacking group Void Manticore, also known as Storm-842.

Attacks by Void Manticore against Israel have been concealed behind the Karma hacktivism operation, which has claimed compromising more than 40 organizations across the country, while intrusions against Albania have been hidden behind the Homeland Justice Persona, according to a report from Check Point, which also showed that hacking group providing Scarred Manticore control over hacked infrastructure.

Further examination of Void Manticore's operations showed the initial deployment of the Karma Shell payload before the delivery of newer BiBi Wiper versions that not only set sights on Israeli systems but also retain shadow copies and the Error Recovery screen while removing partition information to further hinder data recovery, said researchers.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.