Fileless Linux Malware PyLoose Targets Cloud To Steal Cryptocurrency
PyLoose is fileless malware that exploits cloud workloads for Monero mining, using a simple Python script that contains an encoded XMRig miner. Because it executes directly from memory, it is highly stealthy and difficult for security tools to detect, according to Wiz researchers. This fileless malware leaves no physical trace on drives, evades signature-based detection, and injects malicious code into genuine processes using legitimate system tools. Wiz's security experts discovered PyLoose attacks on June 22nd, 2023, and have confirmed over 200 instances of compromise, marking it as the first documented Python-based fileless attack on cloud workloads.