
After Windows, Lucifer malware returns to haunt Linux devices

Ransomware BCyber / September 2, 2020


Lucifer malware is capable of conducting DDoS attacks and mining Monero cryptocurrency on targeted devices.

Just under a month ago, we covered how “Lucifer”, a malware discovered by Palo Alto Networks’ Unit 42 researchers, was haunting Windows-based devices by exploiting vulnerabilities and conducting DDoS attacks.

It also mined the Monero cryptocurrency on victims’ devices. Now the malware has returned, this time with support for Linux-based systems as well.

According to NETSCOUT, in addition to the features found in the Windows version, such as cryptojacking, the new Linux version contains capabilities that enable it to steal user credentials using a tool named Mimikatz.

Furthermore, TCP, UDP, ICMP, and HTTP-based DDoS attacks can also be launched, with the IP addresses of the attack packets spoofed to hide their source.

The real question is: what makes the tool all the more dangerous on Linux?

Answering this, the researchers explained that access to Linux machines allows the malware to utilize systems with much higher performance and bandwidth in “internet data centers (IDCs), with each node packing a larger punch in terms of DDoS attack capacity,” something that isn’t often seen on Windows devices.

Therefore, this presents the opportunity for the attackers to conduct much more lethal DDoS attacks.

To conclude, this is part of a trend we have seen over time, with malware tools extending their reach from one operating system to another to broaden their victim net.

Knowledge and experience of combatting the Lucifer tool in Windows systems will certainly help cybersecurity researchers, but more work may be needed to fight the newly added features. In the future, though, we can expect to see even more expansion of the malware, as the researchers state:

“As IoT devices are almost always based on various Linux distributions, it would not be a huge stretch to see Lucifer recompiled to run on IoT-based devices and include common IoT vulnerabilities as an infection method.”


Written by: BCyber
