A new version of the BiBi Wiper malware is now deleting the disk partition table to make data restoration harder, extending the downtime for targeted victims.

  • LazerFX
    link
    fedilink
    English
    arrow-up
    11
    ·
    6 months ago

    The old Chernobyl virus did this. I caught it. Had to restore the MPT of a FAT32 drive - fortunately, the MPT and first FAT fell outside the boundary of the destruction, so I was able to use the 2nd FAT to restore the files and get pretty much everything back. Was stressful - lots of running to the second computer to get details of how the hex structure of the MPT was built and recreate it because using a tool would have formatted/erased what was there (This was early 00’s, off an old magazine cover floppy disk). Fun times, and not something you want to do with a business machine or with critical software (Though, why haven’t you got it backed up in an air-gapped way if it’s that critical?)