Cybersecurity Notice!   BiBi-Windows Wiper Malware

November 22, 2023

The Threat
We have received notice of a highly destructive malware named BiBi-Windows Wiper. This malware is not Ransomware. Like NotPetya (launched by Russia against Ukraine in 2017), it does not seek a monetary ransom. Its only objective is to destroy data with no means of recovery.

 The Details
The BiBi-Windows Wiper malware detects files and then overwrites them with random bytes to prevent their recovery. It then renames the files using a ten-character sequence of random letters containing the “BiBi” string, with no possible recovery method. The malware also switches off the “Error Recovery” mode and deactivates the “Windows Recovery” feature.

 How BiBi-Windows Wiper is Delivered

Like most malware, it exploits unpatched software vulnerabilities and social engineering to infect computers.  Users may unknowingly download and execute malware when opening attachments or clicking on links received via email. Another avenue for malware infection is “Malvertising,” where attackers inject malicious code into website advertisements. Clicking on these ads can open malicious websites or trigger the automatic download of malware.

 Prevention and Recovery

It is vital to ensure the following cybersecurity protections are in place (Deltec services in parentheses):

  • Aggressive and routine patching of all windows systems (Proactive Services)
  • Endpoint detection and response software (Sentinel One)
  • Email security (MailGuard Premium)
  • Cybersecurity training (KnowBe4)
  • Next generation firewalls (SonicWall)
  • Reliable and secure data backup and recovery (Assure)

Please contact us if you would like more information about these and other Deltec cybersecurity offerings to help manage threats like this one.

 A Final Thought

Cyber-attacks are now an integral part of contemporary warfare, and the conflict between Hamas and Israel is following the same model as the conflict between Russia and Ukraine.  Hamas is currently targeting Israel’s education systems and technology-based enterprises with a malware named “BiBi-Windows Wiper.” You may recall that in 2017, Russia attempted to target only Ukraine with the NotPetya ransomware, which ultimately impacted organizations around the globe, including the United States, United Kingdom, Denmark, India, and Australia, resulting in recovery efforts totaling over 10 billion dollars.

The BiBi-Windows Wiper threat could have similar global impact.

About Deltec Solutions

Deltec Solutions is a Muncie-based business specializing in strategic Information Technology solutions for organizations.  As a trusted technology partner for small and mid-size organizations since 1990, Deltec Solutions helps clients with their technology needs in four areas: network infrastructure consulting and planning, cybersecurity hardening and training, business continuity planning, and remote desktop support.  Call us today and let us help you get the most of your technology investment.

Contacts

Steve Davis, President and CEO | sdavis@deltecsolutions.com | 765-587-5136
Scott Jordan, Founder and CTO | sajordan@deltecsolutions.com | 765-587-5101