$type=slider$show=home$snippet=hide$cate=0$h=500$va=0$rm=0

This new botnet has recruited an army of Windows devices

A new botnet is exploiting close to a dozen high and critical-severity vulnerabilities in Windows systems to turn them into cryptomining c...

A new botnet is exploiting close to a dozen high and critical-severity vulnerabilities in Windows systems to turn them into cryptomining clients as well as to launch DDoS attacks.

The malware behind the botnet has been given the name Satan DDoS though security researchers have taken to referring to its as Lucifer in order to avoid confusion with the Satan ransomware.

Palo Alto Networks' Unit 42 began looking into the botnet after the company's researchers discovered it while following multiple incidents involving the exploitation of a critical vulnerability in a component of the Laravel web framework which can lead to remote code execution.

At first the Lucifer malware was believed to be used to mine the cryptocurrency Monero. However, it later become apparent that the malware also contains a DDoS component as well as a self-spreading mechanism that uses severe vulnerabilities and brute-forcing to its advantage.

Lucifer malware

In a blog post, Unit 42 provided further details on just how powerful the capabilities of the Lucifer malware are, saying:

“Lucifer is quite powerful in its capabilities. Not only is it capable of dropping XMRig for cryptojacking Monero, it’s also capable of command and control (C2) operation and self-propagation through the exploitation of multiple vulnerabilities and credential brute-forcing. Additionally, it drops and runs EternalBlue, EternalRomance, and DoublePulsar backdoor against vulnerable targets for intranet infections.”

The operators behind Lucifer have weaponized exploits for 11 different vulnerabilities which have all since been patched. However, cybercriminals often leverage older vulnerabilities to prey on users who have yet to patch their systems.

The latest version of the botnet malware also includes anti-analysis protection which allows it to check the user and computer name of an infected machine before carrying out its operations. If any names are found that correspond with analysis environments, the malware stops.

To protect against Lucifer, businesses and individuals should keep their software updated with the latest patches and use strong passwords.

Via BleepingComputer



from Future - All the latest news https://ift.tt/3i8pR5Z
via IFTTT

COMMENTS

BLOGGER
Name

Apps,3757,Business,145,Camera,1123,Earn $$$,1,Gadgets,1601,Games,871,Mobile,1646,Technology,7331,Trailers,773,Travel,36,Trendly News,12162,Video,3,XIAOMI,11,
ltr
item
Trendly News | #ListenNow #Everyday #100ShortNews #TopTrendings #PopularNews #Reviews #TrendlyNews: This new botnet has recruited an army of Windows devices
This new botnet has recruited an army of Windows devices
Trendly News | #ListenNow #Everyday #100ShortNews #TopTrendings #PopularNews #Reviews #TrendlyNews
http://www.trendlynews.in/2020/06/this-new-botnet-has-recruited-army-of.html
http://www.trendlynews.in/
http://www.trendlynews.in/
http://www.trendlynews.in/2020/06/this-new-botnet-has-recruited-army-of.html
true
3372890392287038985
UTF-8
Loaded All Posts Not found any posts VIEW ALL Readmore Reply Cancel reply Delete By Home PAGES POSTS View All RECOMMENDED FOR YOU LABEL ARCHIVE SEARCH ALL POSTS Not found any post match with your request Back Home Sunday Monday Tuesday Wednesday Thursday Friday Saturday Sun Mon Tue Wed Thu Fri Sat January February March April May June July August September October November December Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec just now 1 minute ago $$1$$ minutes ago 1 hour ago $$1$$ hours ago Yesterday $$1$$ days ago $$1$$ weeks ago more than 5 weeks ago Followers Follow THIS PREMIUM CONTENT IS LOCKED STEP 1: Share. STEP 2: Click the link you shared to unlock Copy All Code Select All Code All codes were copied to your clipboard Can not copy the codes / texts, please press [CTRL]+[C] (or CMD+C with Mac) to copy