The detection of new malware samples indicates the pace at which cyber threats are evolving. In the last 24 hours, security researchers have unearthed three new malware strains that are capable of performing a wide range of malicious activities. One of them is the Ttint botnet, which includes remote tool-like features in addition to launching DDoS attacks.
The other two are a variant of the Black-T cryptojacking malware and the SLOTHFULMEDIA dropper. The former is used against vulnerable Docker APIs, while the latter drops a trojan and a malicious component on infected computers.
Top Breaches Reported in the Last 24 Hours
Swiss universities affected
Several top universities and schools in Switzerland have been compromised in an effort to steal employees' salaries. According to reports, the hackers accessed the universities' payment systems and changed the beneficiary account information for salary transfers to steal a six-figure sum.
UN shipping agency attacked
The United Nations agency for international shipping was forced to take a number of services offline after being hit by a cyberattack. However, the organization’s email and virtual meeting platforms remained unaffected by the incident.
Top Malware Reported in the Last 24 Hours
New variant of Black-T malware
Researchers have uncovered a new variant of the Black-T cryptojacking malware that is associated with the TeamTNT APT group. The malware is used against exposed Docker daemon APIs. It uses three different network scanning tools to identify vulnerable Docker instances within the local network.
New SLOTHFULMEDIA malware
A new malware dropper named SLOTHFULMEDIA deploys two files when executed on a system. One of the files is a RAT designed to gain control over compromised devices, and the other is a component that removes the dropper after the RAT achieves persistence on the targeted computer.
New Ttint botnet
Ttint is a newly discovered IoT botnet that includes remote tool-like features. The botnet, which appears to have been deployed last year, exploits two zero-day vulnerabilities in Tenda routers, for which security patches have not yet been released.
Malicious npm packages