A new version of the BiBi Wiper malware is now deleting the disk partition table to make data restoration harder, extending the downtime for targeted victims.
A new version of the BiBi Wiper malware is now deleting the disk partition table to make data restoration harder, extending the downtime for targeted victims.
The old Chernobyl virus did this. I caught it. Had to restore the MPT of a FAT32 drive - fortunately, the MPT and first FAT fell outside the boundary of the destruction, so I was able to use the 2nd FAT to restore the files and get pretty much everything back. Was stressful - lots of running to the second computer to get details of how the hex structure of the MPT was built and recreate it because using a tool would have formatted/erased what was there (This was early 00’s, off an old magazine cover floppy disk). Fun times, and not something you want to do with a business machine or with critical software (Though, why haven’t you got it backed up in an air-gapped way if it’s that critical?)
That sounded like a pain to deal with. Did you get the data back?
Yep, took a couple of days with a hex editor, but was a good learning experience