The US Cybersecurity and Infrastructure Security Agency (CISA) and the Department of Defense (DOD) Cyber National Mission Force (CNMF) have revealed that new malware dubbed SlothfulMedia is currently used by a sophisticated threat actor.
The two agencies published details on new malware they called SlothfulMedia, which attackers have already used in many countries, including India, Kazakhstan, Kyrgyzstan, Malaysia, Russia and the Ukraine. A sample of the dropper was uploaded on Virustotal.
“The sample is a dropper, which deploys two files when executed,” reads the announcement. “The first is a remote access tool (RAT) named ‘mediaplayer.exe’, which is designed for command and control (C2) of victim computer systems.
