mirror of
https://github.com/MISP/misp-galaxy.git
synced 2024-11-27 01:07:18 +00:00
[threat-actors] Add BiBiGun
This commit is contained in:
parent
1c16ab3786
commit
8ed4377844
1 changed files with 14 additions and 0 deletions
|
@ -13825,6 +13825,20 @@
|
||||||
},
|
},
|
||||||
"uuid": "00b84012-fa25-4942-ad64-c76be24828a8",
|
"uuid": "00b84012-fa25-4942-ad64-c76be24828a8",
|
||||||
"value": "Sandman APT"
|
"value": "Sandman APT"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"description": "A pro-Hamas hacktivist group developed a wiper called BiBi-Linux to target and destroy data on Israeli systems. The malware impersonates ransomware but operates solely to corrupt and delete files, indicating no data theft. A Windows variant, BiBi-Windows, was also discovered, sharing similarities with BiBi-Linux but targeting all files except executables. ESET researchers have named the group behind the wipers BiBiGun. The group's TTPs have shown overlaps with Moses Staff, which is believed to have an Iran nexus.",
|
||||||
|
"meta": {
|
||||||
|
"country": "PS",
|
||||||
|
"refs": [
|
||||||
|
"https://twitter.com/ESETresearch/status/1719437301900595444",
|
||||||
|
"https://github.com/knight0x07/BiBi-Windows-Wiper-Analysis?tab=readme-ov-file",
|
||||||
|
"https://thehackernews.com/2023/11/new-bibi-windows-wiper-targets-windows.html",
|
||||||
|
"https://www.securityjoes.com/post/bibi-linux-a-new-wiper-dropped-by-pro-hamas-hacktivist-group"
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"uuid": "f8054f5b-45e5-4624-b8d0-1b9c30aa084e",
|
||||||
|
"value": "BiBiGun"
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
"version": 296
|
"version": 296
|
||||||
|
|
Loading…
Reference in a new issue