Malware

New variants of Mirai and Gafgyt botnets were found targeting well-known vulnerabilities using multiple exploits directed at enterprises for possible DDoS attacks, including the flaw used in the 2017 Equifax data breach.

A new fileless malware utilizes Powershell and EternalBlue via WMI for propagation, infecting workstations and servers connected to a local server with a cryptocurrency miner and a DDos tool. Significant infections have been detected in North America and Europ

A new Rakhni variant was found with the ability to decide whether to install ransomware or cryptominers. It also has a worm component, installs spyware, and can disable Windows Defender.

Researchers found a new malware called MyloBot in the wild that features new attack and evasion techniques — as well as the ability to delete other existing malware in the infected system.

Syscoin's GitHub account was hacked to distribute modified versions of their software. Developers who executed Syscoin 3.0.4.1 are advised to change their unencrypted cryptocurrency wallet passwords and back up their files.

PyRoMineIoT malware infects systems with a Monero miner, spreads using RCE EternalRomance by removing or modifying accounts and passwords with privileged access, and scans for vulnerable Internet of Things devices for possible future attacks.

Recently discovered malware MnuBot is making the rounds in Brazil, targeting local banks and their customers with malware families commonly used for fraud in the region.

A persistent Monero-miner malware increases CPU activity and drains the batteries of Mac users, making the hardware prone to system slowdown and overheating.

Researchers reported that over a hundred Android devices had been preinstalled with the adware Cosiloon, affecting more than 18,000 gadgets in more than 100 countries.