What is the threat?
The wiper, named “BiBi-Windows Wiper”, has been used by a pro-Hamas hacker group in the wake of the ongoing Israel-Hamas war.
BiBi-Windows Wiper is part of a wider data-wiping attack on Israeli computers destroying data on both Linux and Windows systems. It is primarily targeting the education and technology sectors. The wiper malware also causes irreversible data corruption and operational disruption on almost all files. The malware simply overwrites the original file with random bytes to prevent their recovery, followed by renaming the files using a ten-character long sequence of random letters containing the “BiBi” string, with no possible method to recover it. The malware also switches off the “Error Recovery” mode and deactivates the “Windows Recovery” feature.