Security researchers found a new malware called MyloBot (detected by Trend Micro as TSPY_MYLOBOT.A) that features sophisticated evasion, infection, and propagation techniques, implying that its authors have experience and heavy infrastructure behind them.
The researchers discovered MyloBot in the systems of an undisclosed Tier 1 data and telecommunications equipment company and observed that its behaviors include process hollowing, reflective EXE, code injection, a ransomware payload, and data theft.
As it ropes infected machines into a botnet, this new malware also removes all other malware from the system and inflicts extensive system damage.
Glesec Information Sharing Protocol
GLESEC CYBER SECURITY INCIDENT REPORTS are in compliance with the U.S. Department of Homeland Security (DHS) Traffic-Light Protocol (TLP).
Disclosure is Not Limited.
Limited Disclosure, Restricted Only to the Community.
Limited Disclosure, Restricted to the Participant's Organization.
Not for Disclosure, Restricted/Classified - Only Shared with US DHS.