NullMixer Polymorphic Malware Variant Infects 8K Targets in Just a Month

Published: 23/11/2024   Category: security




The NullMixer loader has compromised thousands of endpoints in the US, France, and Italy, stealing data and selling it to Dark Web data dealers, all without setting off alarm bells.



A new version of the NullMixer dropper includes polymorphic loaders from malware-as-a-service (MaaS) and pay-per-install (PPI) providers on Dark Web markets, and it's being used to target organizations in North America, as well as Italy and France.
The malware, a known threat, typically installs a suite of downloaders, banking Trojans, stealers, and spyware on victims' systems, all in one go. The new additions, however, make the threat even more dangerous, according to a detailed NullMixer analysis this week from Security Affairs, because the threat can adapt to the specific environment it infects.
The analysis also explains how threat actors have been using search engine optimization (SEO) poisoning and malicious video tutorials to con IT staff into installing the new malware. In just one month, the newly enhanced NullMixer malware has established initial access into more than 8,000 endpoints, stealing data to sell to brokers in underground markets.
Most victims are running Windows 10 Professional and Enterprise operating systems, the NullMixer report said, adding that the malware also seems to have successfully infected Windows Embedded IoT environments.
"The NullMixer package is including new polymorphic loaders by third-party MaaS and PPI service providers in the underground markets, and also pieces of controversial, potentially North-Korean linked PseudoManuscript code," the researchers explained about the latest NullMixer malware strain. "Our insights into a recent NullMixer malware operation revealed Italy and France are the favorite European countries from the opportunistic attackers' perspective."
