New Python-Based Fileless Malware Named ‘PyLoose’ Targeting Cloud Environments

Threat Level

Attack Report

For a detailed threat advisory, download the pdf file here

Summary

A new fileless attack called PyLoose targets cloud workloads by loading an XMRig Miner directly into memory using Python code and the memfd technique. This evasive attack highlights the need for advanced security solutions and precautions like avoiding public exposure of services and constraining system command execution.

To receive real-time threat advisories, please follow HiveForce Labs on LinkedIn.