New BiBi-Windows Wiper Targets Windows Systems in Pro-Hamas Attacks

Cybersecurity researchers have warned about a Windows version of a wiper malware that was previously observed targeting Linux systems in cyber attacks aimed at Israel. Dubbed BiBi-Windows Wiper by BlackBerry, the wiper is the Windows counterpart of BiBi-Linux Wiper, which has been put to use by a pro-Hamas hacktivist group in the wake of the Israel-Hamas war last month. "The Windows variant confirms that the threat actors who created the wiper are continuing to build out the malware, and indicates an expansion of the attack to target end user machines and application servers," the Canadian company said Friday. Slovak cybersecurity firm is tracking the actor behind the wiper under the name BiBiGun, noting that the Windows variant is designed to overwrite data in the C:Users directory recursively with junk data and appends. The BiBi-Windows Wiper artifact is said to have been compiled on October 21, 2023, two weeks after the onset of the war. The exact method by which it is distributed is currently unknown. Besides corrupting all files with the exception of those with. Sys extensions, the wiper deletes shadow copies from the system, effectively preventing the victims from recovering their files. Another notable similarity with its Linux variant is its multithreading capability. "For the fastest possible destruction action, the malware runs 12 threads with eight processor cores," Dmitry Bestuzhev, senior director of cyber threat intelligence at BlackBerry, said. It's not immediately clear if the wiper has been deployed in real-world attacks, and if so, who the targets are. The development comes as Security Joes, which first documented BiBi-Linux Wiper, said the malware is part of a "Larger campaign targeting Israeli companies with the deliberate intent to disrupt their day-to-day operations using data destruction." The cybersecurity firm said it identified tactical overlaps between the hacktivist group, who call themselves Karma, and another geopolitically motivated actor codenamed Moses Staff, which is suspected to be of Iranian origin. "Although the campaign has primarily centered around Israeli IT and government sectors up to this point, some of the participating groups, such as Moses Staff, have a history of simultaneously targeting organizations across various business sectors and geographical locations," Security Joes said.

This Cyber News was published on thehackernews.com. Publication date: Thu, 30 Nov 2023 23:19:27 +0000


Cyber News related to New BiBi-Windows Wiper Targets Windows Systems in Pro-Hamas Attacks

New BiBi-Windows Wiper Targets Windows Systems in Pro-Hamas Attacks - Cybersecurity researchers have warned about a Windows version of a wiper malware that was previously observed targeting Linux systems in cyber attacks aimed at Israel. Dubbed BiBi-Windows Wiper by BlackBerry, the wiper is the Windows counterpart of ...
11 months ago Thehackernews.com
Fake F5 BIG-IP zero-day warning emails push data wipers - The Israel National Cyber Directorate warns of phishing emails pretending to be F5 BIG-IP zero-day security updates that deploy Windows and Linux data wipers. Israel's National Cyber Directorate acts as the CERT responsible for protecting the country ...
11 months ago Bleepingcomputer.com
The Dangerous Mystery of Hamas' Missing 'Suicide Drones' - Faced with the looming possibility that Hamas could leverage some of the same techniques, Israel began running drills, practicing with fighter jets to intercept UAVs. In February 2014, it announced a prototype of a new air defense system: The "Iron ...
11 months ago Wired.com
Sandworm APT targets Ukraine with new SwiftSlicer wiper - Russia-linked Sandworm APT group is behind a new Golang-based wiper, tracked as SwiftSlicer, that hit Ukraine, ESET reports. Researchers from ESET discovered a new Golang-based wiper, dubbed SwiftSlicer, that was used in attacks aimed at Ukraine. The ...
1 year ago Securityaffairs.com
9 Best DDoS Protection Service Providers for 2024 - eSecurity Planet content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More. One of the most powerful defenses an organization can employ against distributed ...
11 months ago Esecurityplanet.com
Hamas Cyberattacks Ceased After the Oct. 7 Terror Attack. But Why? - Cyber threat actors linked with Hamas have seemingly ceased activity ever since the terrorist attack in Israel on Oct. 7, confounding experts. Russia's invasion of Ukraine - preceded and supported by historic waves of cyber destruction, espionage, ...
9 months ago Darkreading.com
Sandworm APT Group Adds New Wiper Malware to Its Hacking Toolkit - ESET researchers have recently uncovered that the notorious Sandworm APT group has added a new wiper malware to its hacking toolkit. The wiper is based on a command-line utility from Microsoft called SDelete, which is used for securely deleting ...
1 year ago Cybersecuritynews.com
New Report Uncovers NikoWiper Malware Used to Attack Ukraine Energy Sector - The Russia-affiliated Sandworm used yet another wiper malware strain dubbed NikoWiper as part of an attack that took place in October 2022 targeting an energy sector company in Ukraine. The NikoWiper is based on SDelete, a command line utility from ...
1 year ago Thehackernews.com
New AcidPour data wiper targets Linux x86 network devices - A new destructive malware named AcidPour was spotted in the wild, featuring data-wiper functionality and targeting Linux x86 IoT and networking devices. Data wipers are a category of malware designed for destructive attacks that delete files and data ...
8 months ago Bleepingcomputer.com
Iranian Phishing Campaign Targets Israel-Hamas War Experts - Iran-linked threat actors are targeting high-profile researchers working on the Israel-Hamas conflict via a sophisticated social engineering campaign, according to Microsoft Threat Intelligence. The threat actor Mint Sandstorm, which has ties to ...
10 months ago Infosecurity-magazine.com
The Hamas Threat of Hostage Execution Videos Looms Large Over Social Media - Hadley says his team of 20 typically knows about new terrorist content before any of the big platforms. While tracking verified content from Hamas' military wing or the PIJ, Hadey says the volume of content on the major social platforms is "Very ...
11 months ago Wired.com
IT and OT cybersecurity: A holistic approach - In comparison, OT refers to the specialized systems that control physical processes and industrial operations. OT Technologies include industrial control systems, SCADA systems and programmable logic controllers that directly control physical ...
10 months ago Securityintelligence.com
The Embedded Systems and The Internet of Things - The Internet of Things is a quite new concept dealing with the devices being connected to each other and communicating through the web environment. This concept is gaining its popularity amongst the embedded systems that exist - let's say - 10 or ...
11 months ago Cyberdefensemagazine.com
Creating a New Market for Post-Quantum Cryptography - A day in the busy life of any systems integrator includes many actions that revolve around the lifeblood of its business - its customers. Systems integrators help solve evolving customer business challenges, which in turn adds partner value. It's a ...
11 months ago Securityboulevard.com
Best Practices to Protect Your Networks from the New SWIFTSlicer Wiper Malware - Hackers are using a new malware called SWIFTSlicer Wiper to wreak havoc on the Windows domain infrastructure. This vicious new security threat is specially designed to detect and target vulnerable domain networks and wipe out the data stored within ...
1 year ago Bleepingcomputer.com
How Swiftslicer Malware Wiper is Affecting Ukrainian Companies - Recent reports have revealed the emergence of Swiftslicer, a destructive wiper malware, in Ukraine. This malware targets computer networks in order to cause wide-spread data loss, disrupting operations of its victims. This development is especially ...
1 year ago Welivesecurity.com
Arc browser's Windows launch targeted by Google ads malvertising - A new Google Ads malvertising campaign, coinciding with the launch of the Arc web browser for Windows, was tricking people into downloading trojanized installers that infect them with malware payloads. The Arc browser is a new web browser featuring ...
5 months ago Bleepingcomputer.com
Iran Ramps Up Cyberattacks on Israel Amid Hamas Conflict: Microsoft - In the context of the Israel-Hamas conflict, Iran's offensive operations against Israel were initially reactive and chaotic, but quickly ramped up and expanded in scope, Microsoft says. Immediately after October 7, Iranian threat actors were seen ...
9 months ago Securityweek.com
Top White House cyber aide says recent Iran hack on water system is call to tighten cybersecurity - WASHINGTON - A top White House national security official said recent cyber attacks by Iranian hackers on U.S. water authorities - as well as a separate spate of ransomware attacks on the health care industry - should be seen as a call to action by ...
11 months ago Apnews.com
Top White House Cyber Aide Says Recent Iran Hack on Water System Is Call to Tighten Cybersecurity - A top White House national security official said recent cyber attacks by Iranian hackers on US water authorities - as well as a separate spate of ransomware attacks on the health care industry - should be seen as a call to action by utilities and ...
11 months ago Securityweek.com
Product showcase: Protect digital identities with Swissbit's iShield Key Pro - In today's fast-paced business world, protecting digital identities and optimizing daily workflows are crucial. The iShield Key Pro series from Swissbit addresses these challenges by offering top-notch security combined with effortless usability. ...
4 months ago Helpnetsecurity.com
Tesla Issues Fourth Recall For Cybertruck - Most Cybertrucks in the United States are being recalled over problems with windshield wipers and exterior trim. Elon Musk's Tesla is once again having to issue a recall for thousands of its slab-sided Cybertruck vehicles due to a couple of ...
4 months ago Silicon.co.uk
Microsoft: Iranian hackers target researchers with new MediaPl malware - Microsoft says that a group of Iranian-backed state hackers are targeting high-profile employees of research organizations and universities across Europe and the United States in spearphishing attacks pushing new backdoor malware. The attackers, a ...
10 months ago Bleepingcomputer.com
The State of DDoS Attacks: Evolving Tactics and Targets Businesses Must Be Aware Of - Now, these attacks are becoming more dangerous, targeted, and detrimental as they evolve. As DDoS attacks become more sophisticated, adversaries are able to hone in on the most vulnerable targets, ranging from small- and medium-sized businesses to ...
10 months ago Cyberdefensemagazine.com
Windows 10 Extended Security Updates Promised for Small Businesses and Home Users - Already common for enterprises, for the first time, individuals will also get the option to pay for extended security updates for a Windows operating system that's out of support. Windows 10 will stop getting free updates, including security fixes, ...
11 months ago Techrepublic.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)