New BugSleep malware implant deployed in MuddyWater attacks

The Iranian-backed MuddyWater hacking group has partially switched to using a new custom-tailored malware implant to steal files and run commands on compromised systems.
"We discovered several versions of the malware being distributed, with differences between each version showing improvements and bug fixes," Check Point said.
Attacks using this new malware focus on a wide range of targets worldwide, from government organizations and municipalities to airlines and media outlets, with targets in Israel and some in Turkey, Saudi Arabia, India, and Portugal.
One month later, U.S. and U.K. cybersecurity and law enforcement agencies exposed additional MuddyWater malware, a new Python backdoor dubbed Small Sieve deployed to maintain persistence and evade detection in compromised networks.
New BiBi Wiper version also destroys the disk partition table.
Russian hackers use new Lunar malware to breach a European govt's agencies.
Related news
- Silver Fox APT Uses Winos 4.0 Malware in Cyber Attacks Against Taiwanese Organizations (source)
- ⚡ THN Weekly Recap: GitHub Supply Chain Attack, AI Malware, BYOVD Tactics, and More (source)
- Chinese FamousSparrow hackers deploy upgraded malware in attacks (source)
- Open-source malware doubles, data exfiltration attacks dominate (source)
- Microsoft Warns of Tax-Themed Email Attacks Using PDFs and QR Codes to Deliver Malware (source)
- New TCESB Malware Found in Active Attacks Exploiting ESET Security Scanner (source)
- Multi-Stage Malware Attack Uses .JSE and PowerShell to Deploy Agent Tesla and XLoader (source)
- New Android malware steals your credit cards for NFC relay attacks (source)
- Hackers Abuse Russian Bulletproof Host Proton66 for Global Attacks and Malware Delivery (source)
- SuperCard X Android Malware Enables Contactless ATM and PoS Fraud via NFC Relay Attacks (source)