Security News > 2024 > July > New BugSleep malware implant deployed in MuddyWater attacks
The Iranian-backed MuddyWatter hacking group has partially switched to using a new custom-tailored malware implant to steal files and run commands on compromised systems.
"We discovered several versions of the malware being distributed, with differences between each version showing improvements and bug fixes," Check Point said.
Attacks using this new malware focus on a wide range of targets worldwide, from government organizations and municipalities to airlines and media outlets, with targeting Israel and some in Turkey, Saudi Arabia, India, and Portugal.
One month later, U.S. and U.K. cybersecurity and law enforcement agencies exposed additional MuddyWater malware, a new Python backdoor dubbed Small Sieve deployed to maintain persistence and evade detection in compromised networks.
New BiBi Wiper version also destroys the disk partition table.
Russian hackers use new Lunar malware to breach a European govt's agencies.
News URL
Related news
- VEILDrive Attack Exploits Microsoft Services to Evade Detection and Distribute Malware (source)
- Iranian Hackers Use "Dream Job" Lures to Deploy SnailResin Malware in Aerospace Attacks (source)
- Iranian Hackers Deploy WezRat Malware in Attacks Targeting Israeli Organizations (source)
- New IOCONTROL malware used in critical infrastructure attacks (source)
- FBI spots HiatusRAT malware attacks targeting web cameras, DVRs (source)
- Rspack npm Packages Compromised with Crypto Mining Malware in Supply Chain Attack (source)